# Point the session at the folder that holds CVE.csv so that the relative
# path passed to read.csv() further down resolves.
# NOTE(review): the absolute path is tied to one Windows user profile, so the
# notebook will not run elsewhere and a published copy exposes the local
# account and folder names. The notebook message printed after this chunk
# says the working directory is reset when the chunk ends and recommends the
# knitr root.dir option in the setup chunk instead.
setwd("C:/Users/v-tech/Desktop/samples/cve-common-vulnerabilities-and-exposures (1)")
#getwd()
#getwd()
# Same call repeated - presumably re-run for a later chunk; confirm before
# removing either one.
setwd("C:/Users/v-tech/Desktop/samples/cve-common-vulnerabilities-and-exposures (1)")
The working directory was changed to C:/Users/v-tech/Desktop/samples/cve-common-vulnerabilities-and-exposures (1) inside a notebook chunk. The working directory will be reset when the chunk is finished running. Use the knitr root.dir option in the setup chunk to change the working directory for notebook chunks.
# Load the CVE export from the working directory. skip = 2 discards the first
# two lines of the file; the next line supplies the column names.
# NOTE(review): the str() output recorded below shows the first seven rows
# with an empty Status and sentence fragments in Name, so more preamble than
# two lines appears to have been read in as records. Confirm against the file
# and drop those rows before drawing conclusions from the data.
# NOTE(review): the Factor columns in that output come from this R version's
# default string handling. R >= 4.0 reads text as character unless
# stringsAsFactors = TRUE is passed, and the later unclass() step depends on
# the columns being factors.
data <- utils::read.csv(file = "CVE.csv", header = TRUE, skip = 2)

# First rows, then the column types and level counts.
utils::head(x = data)
utils::str(object = data)
'data.frame':   997 obs. of  7 variables:
 $ Name       : Factor w/ 997 levels "","before they can be added to the official CVE list.  Therefore, these",..: 4 2 3 996 995 997 1 5 6 7 ...
 $ Status     : Factor w/ 3 levels "","Candidate",..: 1 1 1 1 1 1 1 2 3 3 ...
 $ Description: Factor w/ 991 levels "","** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplic"| __truncated__,..: 1 1 1 1 1 1 1 571 262 464 ...
 $ References : Factor w/ 821 levels "","AIXAPAR:IX80543   |   URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IX80543&apar=only   |   RSI:RSI.0005.0"| __truncated__,..: 1 1 1 1 1 1 1 337 47 48 ...
 $ Phase      : Factor w/ 68 levels "","Interim (19990630)",..: 1 1 1 1 1 1 1 42 1 1 ...
 $ Votes      : Factor w/ 265 levels "","   ACCEPT(1) Baker  |     MODIFY(1) Frech",..: 1 1 1 1 1 1 1 247 1 1 ...
 $ Comments   : Factor w/ 314 levels "","Baker> Although newer versions on snmp are not as vulnerable as prior versions,  |    this can still be a signi"| __truncated__,..: 1 1 1 1 1 1 1 11 1 1 ...
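# Count the cells that carry no value. is.na() alone undercounts here:
# read.csv() keeps a blank text field as the empty string "" rather than NA,
# and every column in the str() output above lists "" among its levels, so
# blank cells are counted together with NA cells.
sum(is.na(data) | data == "")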

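Converting the factor columns to their integer level codes (each code is the position of the value in the sorted list of levels, not a measured quantity)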

# Add a <column>_r companion for each text column holding the result of
# unclass(). On a factor, unclass() yields the integer level index, and
# levels are numbered in sorted order (the str() output above shows "" as
# level 1), so the numbers are labels: they carry no magnitude or ranking.
data[["Status_r"]] <- unclass(data[["Status"]])
data[["Description_r"]] <- unclass(data[["Description"]])
data[["References_r"]] <- unclass(data[["References"]])
data[["Phase_r"]] <- unclass(data[["Phase"]])
data[["Votes_r"]] <- unclass(data[["Votes"]])
data[["Comments_r"]] <- unclass(data[["Comments"]])

# Preview the frame with the *_r code columns appended.
utils::head(x = data)

# Least-squares fit of the Votes level code on Description, Status and
# References. The data$ prefixes in the formula are kept as written so the
# Call and the coefficient labels in the summary stay as recorded below.
# NOTE(review): Description has 991 levels across 997 rows (see str() above),
# so the model gets close to one dummy variable per record. The summary
# confirms it: residuals no larger than about 1.7e-11 and 822 coefficients
# not defined because of singularities. The fit reproduces each row's
# arbitrary Votes code and says nothing about how votes relate to a CVE's
# description, status or references.
lnm_fit <- lm(
  formula = data$Votes_r ~ data$Description + data$Status + data$References,
  data = data
)
summary(object = lnm_fit)

Call:
lm(formula = data$Votes_r ~ data$Description + data$Status + 
    data$References, data = data)

Residuals:
       Min         1Q     Median         3Q        Max 
-1.000e-11  0.000e+00  0.000e+00  0.000e+00  1.667e-11 

Coefficients: (822 not defined because of singularities)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                Estimate
(Intercept)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.000e+00
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplicate of CVE-1999-0022.  Notes: All CVE users should reference CVE-1999-0022 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.170e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0032.  Reason: This candidate is a duplicate of CVE-1999-0032.  Notes: All CVE users should reference CVE-1999-0032 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         2.470e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0315.  Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315.  Notes: All CVE users should reference CVE-1999-0315 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   2.480e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-1584, CVE-1999-1586.  Reason: This candidate combined references from one issue with the description from another issue.  Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6.100e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 1.960e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.210e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to DNS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NETBIOS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.000e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NIS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.200e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4.000e+00
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A POP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.640e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.420e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The bootparam (bootparamd) service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 7.700e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FSP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.100e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The HTTP/WWW service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IMAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IRC service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.200e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The LDAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NFS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.200e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NNTP news service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.200e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SMTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SNMP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.640e+02
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SSH service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The Telnet service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The TFTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.600e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X Windows service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.200e+01
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X25 service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.600e+01
data$Description.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.040e+02
data$Description64 bit Solaris 7 procfs allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -5.716e-13
data$DescriptionA buffer overflow in lsof allows local users to obtain root privilege.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -1.661e-12
data$DescriptionA buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -6.341e-13
data$DescriptionA buffer overflow in the SGI X server allows local users to gain root access through the X server font path.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -9.533e-13
data$DescriptionA bug in Cyrix CPUs on Linux allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                8.118e-12
data$DescriptionA component service related to NIS+ is running.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.600e+01
data$DescriptionA configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.800e+01
data$DescriptionA default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.700e-11
data$DescriptionA default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -9.189e-13
data$DescriptionA default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.734e-12
data$DescriptionA DNS server allows inverse queries.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.390e+02
data$DescriptionA DNS server allows zone transfers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.390e+02
data$DescriptionA filter in a router or firewall allows unusual fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.530e+02
data$DescriptionA hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   6.400e+01
data$DescriptionA kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.189e-12
data$DescriptionA later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1.130e+02
data$DescriptionA legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.324e-12
data$DescriptionA mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.560e+02
data$DescriptionA malicious Palace server can force a client to execute arbitrary programs.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.175e-13
data$DescriptionA memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       6.000e+01
data$DescriptionA NETBIOS/SMB share password is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.220e+02
data$DescriptionA NETBIOS/SMB share password is the default, null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.220e+02
data$DescriptionA network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         7.400e+01
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1.300e+02
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.400e+01
data$DescriptionA network intrusion detection system (IDS) does not properly reassemble fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.400e+01
data$DescriptionA network intrusion detection system (IDS) does not verify the checksum on a packet.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           7.400e+01
data$DescriptionA network service is running on a nonstandard port.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.590e+02
data$DescriptionA password for accessing a WWW URL is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.990e+02
data$DescriptionA quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -1.309e-12
data$DescriptionA race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -1.184e-12
data$DescriptionA race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -4.969e-13
data$DescriptionA race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.000e+00
data$DescriptionA race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -1.435e-12
data$DescriptionA race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.442e-12
data$DescriptionA race condition in the Solaris ps command allows an attacker to overwrite critical files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -1.003e-12
data$DescriptionA remote attacker can disable the virus warning mechanism in Microsoft Excel 97.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -2.402e-13
data$DescriptionA remote attacker can gain access to a file system using ..  (dot dot) when accessing SMB shares.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.290e+02
data$DescriptionA remote attacker can read information from a Netscape user's cache via JavaScript.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -9.365e-13
data$DescriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.450e+02
data$DescriptionA router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             5.000e+00
data$DescriptionA router's routing tables can be obtained from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1.200e+01
data$DescriptionA router or firewall allows source routed packets from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.100e+01
data$DescriptionA router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1.530e+02
data$DescriptionA router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.400e+01
data$DescriptionA Sendmail alias allows input to be piped to a program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3.600e+01
data$DescriptionA service or application has a backdoor password that was placed there by the developer.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.500e+01
data$DescriptionA superfluous NFS server is running, but it is not importing or exporting any file systems.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.100e+01
data$DescriptionA system-critical NETBIOS/SMB share has inappropriate access control.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4.400e+01
data$DescriptionA system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       1.950e+02
data$DescriptionA system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1.520e+02
data$DescriptionA system-critical Unix file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.400e+01
data$DescriptionA system-critical Windows NT file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.300e+01
data$DescriptionA system-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4.900e+01
data$DescriptionA system-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       5.000e+01
data$DescriptionA system does not present an appropriate legal message or warning to a user who is accessing it.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               7.000e+01
data$DescriptionA system is operating in "promiscuous" mode which allows it to perform packet sniffing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.200e+01
data$DescriptionA system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 1.970e+02
data$DescriptionA trust relationship exists between two Unix hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.400e+02
data$DescriptionA Unix account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2.010e+02
data$DescriptionA Unix account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       1.570e+02
data$DescriptionA Unix account with a name other than "root" has UID 0, i.e. root privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2.600e+02
data$DescriptionA URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5.100e+01
data$DescriptionA version of finger is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -2.997e-13
data$DescriptionA version of rusers is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -2.953e-12
data$DescriptionA vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.890e+02
data$DescriptionA weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  7.515e-13
data$DescriptionA weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.500e+02
data$DescriptionA Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.527e-12
data$DescriptionA Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           3.300e+01
data$DescriptionA Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1.270e+02
data$DescriptionA Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           1.780e+02
data$DescriptionA Windows NT administrator account has the default name of Administrator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3.900e+01
data$DescriptionA Windows NT domain user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1.990e+02
data$DescriptionA Windows NT domain user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.990e+02
data$DescriptionA Windows NT file system is not NTFS.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1.240e+02
data$DescriptionA Windows NT local user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.010e+02
data$DescriptionA Windows NT local user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.010e+02
data$DescriptionA Windows NT log file has an inappropriate maximum size or retention period.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   2.410e+02
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1.280e+02
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.650e+02
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           1.650e+02
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2.060e+02
data$DescriptionA Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.080e+02
data$DescriptionA Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               8.900e+01
data$DescriptionA Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             4.600e+01
data$DescriptionA Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -2.128e-12
data$DescriptionA Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   -2.348e-12
data$DescriptionA Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2.180e+02
data$DescriptionA WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4.900e+01
data$DescriptionAAA authentication on Cisco systems allows attackers to execute commands without authorization.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               -1.757e-12
data$DescriptionACC Tigris allows public access without a login.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -9.992e-13
data$DescriptionAccess violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -1.264e-12
data$Descriptionadmintool in Solaris allows a local user to write to arbitrary files and gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.184e-11
data$DescriptionAfter an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -1.958e-12
data$DescriptionAIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3.407e-12
data$DescriptionAIX bugfiler program allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -3.888e-13
data$DescriptionAIX infod allows local users to gain root access through an X display.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.288e-11
data$DescriptionAIX Licensed Program Product performance tools allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.225e-12
data$DescriptionAIX nslookup command allows local users to obtain root access by not dropping privileges correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            7.970e-12
data$DescriptionAIX passwd allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -2.246e-12
data$DescriptionAIX piodmgrsu command allows local users to gain additional group privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5.353e-12
data$DescriptionAIX routed allows remote users to modify sensitive files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1.200e+02
data$DescriptionAlibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.120e+02
data$DescriptionAlibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        8.600e+01
data$DescriptionAll records in a WINS database can be deleted through SNMP for a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.752e-12
data$DescriptionAN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.503e-12
data$DescriptionAn account on a router, firewall, or other network device has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.000e+02
data$DescriptionAn account on a router, firewall, or other network device has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1.990e+02
data$DescriptionAn application-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.900e+01
data$DescriptionAn application-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 5.000e+01
data$DescriptionAn attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -5.962e-13
data$DescriptionAn attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           8.200e+01
data$DescriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 5.700e+01
data$DescriptionAn attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -9.771e-13
data$DescriptionAn event log in Windows NT has inappropriate access permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.300e+01
data$DescriptionAn example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -2.096e-12
data$DescriptionAn incorrect configuration of the EZMall 2000 shopping cart  CGI program "mall2000.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.000e+00
data$DescriptionAn incorrect configuration of the Order Form 1.0 shopping cart  CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                7.000e+00
data$DescriptionAn incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -7.580e-13
data$DescriptionAn incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      7.000e+00
data$DescriptionAn incorrect configuration of the Webcart CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      6.000e+00
data$DescriptionAn incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   6.000e+00
data$DescriptionAn NIS domain name is easily guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2.000e+02
data$DescriptionAn SNMP community name is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.010e+02
data$DescriptionAn SNMP community name is the default (e.g. public), null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         2.010e+02
data$DescriptionAn SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                -1.698e-12
data$DescriptionAn SSH server allows authentication through the .rhosts file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  8.000e+01
data$DescriptionAn unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.200e+01
data$DescriptionAn X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -1.997e-12
data$DescriptionAnonymous FTP is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4.000e+01
data$DescriptionAnyForm CGI remote execution.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -3.040e-12
data$DescriptionApache allows remote attackers to conduct a denial of service via a large number of MIME headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.300e+01
data$DescriptionApache httpd cookie buffer overflow for versions 1.1.1 and earlier.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -2.659e-13
data$DescriptionArbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -3.357e-12
data$DescriptionArbitrary command execution via IMAP buffer overflow in authenticate command.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -2.271e-12
data$DescriptionArbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                -4.898e-12
data$DescriptionArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -2.334e-12
data$DescriptionArkiea nlservd allows remote attackers to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.797e-12
data$DescriptionAttackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -2.060e-12
data$DescriptionAttackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login).  This applies to some IOS 9.x, 10.x, and 11.x releases.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   -8.153e-13
data$DescriptionAttackers can do a denial of service of IRC by crashing the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.630e+02
data$DescriptionAutomount daemon automountd allows local or remote users to gain privileges via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.666e-12
data$DescriptionBash treats any character with a value of 255 as a command separator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5.535e-12
data$DescriptionBMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -1.672e-12
data$DescriptionBMC Patrol allows remote attackers to gain access to an agent by spoofing frames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.935e-12
data$DescriptionBNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.399e-12
data$DescriptionBNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.001e-12
data$DescriptionBonk variation of teardrop IP fragmentation denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.560e+02
data$DescriptionBuffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -1.420e-12
data$DescriptionBuffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.561e-12
data$DescriptionBuffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -9.946e-13
data$DescriptionBuffer overflow in AIX dtterm program for the CDE.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.292e-12
data$DescriptionBuffer overflow in AIX ftpd in the libc library.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -1.865e-12
data$DescriptionBuffer overflow in AIX lchangelv gives root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.848e-12
data$DescriptionBuffer overflow in AIX libDtSvc library can allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1.210e+02
data$DescriptionBuffer overflow in AIX lquerylv program gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -2.419e-12
data$DescriptionBuffer overflow in AIX rcp command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -9.046e-13
data$DescriptionBuffer overflow in AIX writesrv command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -7.349e-14
data$DescriptionBuffer overflow in AIX xdat gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2.107e-12
data$DescriptionBuffer overflow in ALMail32 POP3 client via From: or To: headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.280e+02
data$DescriptionBuffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.000e+00
data$DescriptionBuffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -1.627e-12
data$DescriptionBuffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -2.250e-12
data$DescriptionBuffer overflow in BIND 8.2 via NXT records.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -2.134e-12
data$DescriptionBuffer overflow in BNC IRC proxy allows remote attackers to gain privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -1.013e-12
data$DescriptionBuffer overflow in BNU UUCP daemon (uucpd) through long hostnames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.840e-12
data$DescriptionBuffer overflow in bootpd 2.4.3 and earlier via a long boot file location.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.428e-12
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Std. Error
(Intercept)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3.285e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplicate of CVE-1999-0022.  Notes: All CVE users should reference CVE-1999-0022 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0032.  Reason: This candidate is a duplicate of CVE-1999-0032.  Notes: All CVE users should reference CVE-1999-0032 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0315.  Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315.  Notes: All CVE users should reference CVE-1999-0315 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-1584, CVE-1999-1586.  Reason: This candidate combined references from one issue with the description from another issue.  Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to DNS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NETBIOS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NIS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A POP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The bootparam (bootparamd) service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FSP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The HTTP/WWW service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IMAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IRC service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The LDAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NFS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NNTP news service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SMTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SNMP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SSH service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The Telnet service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The TFTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X Windows service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X25 service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$Description.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$Description64 bit Solaris 7 procfs allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionA buffer overflow in lsof allows local users to obtain root privilege.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionA buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA buffer overflow in the SGI X server allows local users to gain root access through the X server font path.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA bug in Cyrix CPUs on Linux allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA component service related to NIS+ is running.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA DNS server allows inverse queries.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA DNS server allows zone transfers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA filter in a router or firewall allows unusual fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionA mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA malicious Palace server can force a client to execute arbitrary programs.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionA NETBIOS/SMB share password is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionA NETBIOS/SMB share password is the default, null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionA network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA network intrusion detection system (IDS) does not properly reassemble fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA network intrusion detection system (IDS) does not verify the checksum on a packet.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA network service is running on a nonstandard port.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA password for accessing a WWW URL is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionA race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionA race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionA race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA race condition in the Solaris ps command allows an attacker to overwrite critical files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionA remote attacker can disable the virus warning mechanism in Microsoft Excel 97.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA remote attacker can gain access to a file system using ..  (dot dot) when accessing SMB shares.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA remote attacker can read information from a Netscape user's cache via JavaScript.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionA router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionA router's routing tables can be obtained from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA router or firewall allows source routed packets from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionA router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA Sendmail alias allows input to be piped to a program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA service or application has a backdoor password that was placed there by the developer.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionA superfluous NFS server is running, but it is not importing or exporting any file systems.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA system-critical NETBIOS/SMB share has inappropriate access control.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionA system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionA system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA system-critical Unix file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA system-critical Windows NT file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionA system-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionA system-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionA system does not present an appropriate legal message or warning to a user who is accessing it.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA system is operating in "promiscuous" mode which allows it to perform packet sniffing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionA trust relationship exists between two Unix hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionA Unix account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA Unix account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionA Unix account with a name other than "root" has UID 0, i.e. root privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionA URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA version of finger is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA version of rusers is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionA weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionA Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionA Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA Windows NT administrator account has the default name of Administrator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionA Windows NT domain user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionA Windows NT domain user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA Windows NT file system is not NTFS.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionA Windows NT local user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA Windows NT local user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionA Windows NT log file has an inappropriate maximum size or retention period.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionA Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionA Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionA Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionA Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionA Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionA Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionA WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionAAA authentication on Cisco systems allows attackers to execute commands without authorization.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionACC Tigris allows public access without a login.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionAccess violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$Descriptionadmintool in Solaris allows a local user to write to arbitrary files and gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionAfter an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionAIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAIX bugfiler program allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionAIX infod allows local users to gain root access through an X display.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionAIX Licensed Program Product performance tools allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionAIX nslookup command allows local users to obtain root access by not dropping privileges correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAIX passwd allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionAIX piodmgrsu command allows local users to gain additional group privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionAIX routed allows remote users to modify sensitive files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionAlibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionAlibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionAll records in a WINS database can be deleted through SNMP for a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionAn account on a router, firewall, or other network device has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionAn account on a router, firewall, or other network device has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAn application-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionAn application-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionAn attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionAn attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionAn attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAn event log in Windows NT has inappropriate access permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionAn example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
data$DescriptionAn incorrect configuration of the EZMall 2000 shopping cart  CGI program "mall2000.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionAn incorrect configuration of the Order Form 1.0 shopping cart  CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                9.292e-12
data$DescriptionAn incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionAn incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionAn incorrect configuration of the Webcart CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionAn incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionAn NIS domain name is easily guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionAn SNMP community name is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionAn SNMP community name is the default (e.g. public), null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionAn SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionAn SSH server allows authentication through the .rhosts file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionAn unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.292e-12
data$DescriptionAn X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionAnonymous FTP is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionAnyForm CGI remote execution.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionApache allows remote attackers to conduct a denial of service via a large number of MIME headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionApache httpd cookie buffer overflow for versions 1.1.1 and earlier.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionArbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionArbitrary command execution via IMAP buffer overflow in authenticate command.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionArbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionArkiea nlservd allows remote attackers to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         9.292e-12
data$DescriptionAttackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           9.292e-12
data$DescriptionAttackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login).  This applies to some IOS 9.x, 10.x, and 11.x releases.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.292e-12
data$DescriptionAttackers can do a denial of service of IRC by crashing the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionAutomount daemon automountd allows local or remote users to gain privileges via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionBash treats any character with a value of 255 as a command separator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionBMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionBMC Patrol allows remote attackers to gain access to an agent by spoofing frames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionBNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionBNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionBonk variation of teardrop IP fragmentation denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.292e-12
data$DescriptionBuffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionBuffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionBuffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionBuffer overflow in AIX dtterm program for the CDE.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionBuffer overflow in AIX ftpd in the libc library.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionBuffer overflow in AIX lchangelv gives root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            9.292e-12
data$DescriptionBuffer overflow in AIX libDtSvc library can allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionBuffer overflow in AIX lquerylv program gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      9.292e-12
data$DescriptionBuffer overflow in AIX rcp command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionBuffer overflow in AIX writesrv command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionBuffer overflow in AIX xdat gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  9.292e-12
data$DescriptionBuffer overflow in ALMail32 POP3 client via From: or To: headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.292e-12
data$DescriptionBuffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.292e-12
data$DescriptionBuffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       9.292e-12
data$DescriptionBuffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          9.292e-12
data$DescriptionBuffer overflow in BIND 8.2 via NXT records.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionBuffer overflow in BNC IRC proxy allows remote attackers to gain privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   9.292e-12
data$DescriptionBuffer overflow in BNU UUCP daemon (uucpd) through long hostnames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.292e-12
data$DescriptionBuffer overflow in bootpd 2.4.3 and earlier via a long boot file location.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     9.292e-12
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 t value
(Intercept)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3.044e+11
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplicate of CVE-1999-0022.  Notes: All CVE users should reference CVE-1999-0022 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.259e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0032.  Reason: This candidate is a duplicate of CVE-1999-0032.  Notes: All CVE users should reference CVE-1999-0032 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         2.658e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0315.  Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315.  Notes: All CVE users should reference CVE-1999-0315 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   2.669e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-1584, CVE-1999-1586.  Reason: This candidate combined references from one issue with the description from another issue.  Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  6.565e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.109e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.378e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to DNS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NETBIOS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             9.686e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NIS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 9.901e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4.305e+11
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A POP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.841e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.604e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The bootparam (bootparamd) service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 8.287e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FSP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.260e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The HTTP/WWW service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IMAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IRC service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.901e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The LDAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NFS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    9.901e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NNTP news service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.901e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SMTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SNMP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.765e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SSH service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The Telnet service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The TFTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.033e+13
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X Windows service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              9.901e+12
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X25 service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1.033e+13
data$Description.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.195e+13
data$Description64 bit Solaris 7 procfs allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -6.200e-02
data$DescriptionA buffer overflow in lsof allows local users to obtain root privilege.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -1.790e-01
data$DescriptionA buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -6.800e-02
data$DescriptionA buffer overflow in the SGI X server allows local users to gain root access through the X server font path.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -1.030e-01
data$DescriptionA bug in Cyrix CPUs on Linux allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                8.740e-01
data$DescriptionA component service related to NIS+ is running.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1.033e+13
data$DescriptionA configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5.166e+12
data$DescriptionA default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.830e+00
data$DescriptionA default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -9.900e-02
data$DescriptionA default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.870e-01
data$DescriptionA DNS server allows inverse queries.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.572e+13
data$DescriptionA DNS server allows zone transfers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.572e+13
data$DescriptionA filter in a router or firewall allows unusual fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.723e+13
data$DescriptionA hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   6.888e+12
data$DescriptionA kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.280e-01
data$DescriptionA later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1.216e+13
data$DescriptionA legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.420e-01
data$DescriptionA mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.679e+13
data$DescriptionA malicious Palace server can force a client to execute arbitrary programs.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.500e-02
data$DescriptionA memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       6.457e+12
data$DescriptionA NETBIOS/SMB share password is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.389e+13
data$DescriptionA NETBIOS/SMB share password is the default, null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.389e+13
data$DescriptionA network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         7.964e+12
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              1.399e+13
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.964e+12
data$DescriptionA network intrusion detection system (IDS) does not properly reassemble fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.964e+12
data$DescriptionA network intrusion detection system (IDS) does not verify the checksum on a packet.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           7.964e+12
data$DescriptionA network service is running on a nonstandard port.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.787e+13
data$DescriptionA password for accessing a WWW URL is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               2.142e+13
data$DescriptionA quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -1.410e-01
data$DescriptionA race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -1.270e-01
data$DescriptionA race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -5.300e-02
data$DescriptionA race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.076e+11
data$DescriptionA race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -1.540e-01
data$DescriptionA race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.550e-01
data$DescriptionA race condition in the Solaris ps command allows an attacker to overwrite critical files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -1.080e-01
data$DescriptionA remote attacker can disable the virus warning mechanism in Microsoft Excel 97.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -2.600e-02
data$DescriptionA remote attacker can gain access to a file system using ..  (dot dot) when accessing SMB shares.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.465e+13
data$DescriptionA remote attacker can read information from a Netscape user's cache via JavaScript.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.010e-01
data$DescriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.637e+13
data$DescriptionA router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             5.381e+11
data$DescriptionA router's routing tables can be obtained from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1.291e+12
data$DescriptionA router or firewall allows source routed packets from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.641e+12
data$DescriptionA router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1.647e+13
data$DescriptionA router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.583e+12
data$DescriptionA Sendmail alias allows input to be piped to a program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3.874e+12
data$DescriptionA service or application has a backdoor password that was placed there by the developer.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       1.022e+13
data$DescriptionA superfluous NFS server is running, but it is not importing or exporting any file systems.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4.412e+12
data$DescriptionA system-critical NETBIOS/SMB share has inappropriate access control.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4.735e+12
data$DescriptionA system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       2.099e+13
data$DescriptionA system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            1.636e+13
data$DescriptionA system-critical Unix file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1.012e+13
data$DescriptionA system-critical Windows NT file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1.001e+13
data$DescriptionA system-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5.273e+12
data$DescriptionA system-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       5.381e+12
data$DescriptionA system does not present an appropriate legal message or warning to a user who is accessing it.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               7.533e+12
data$DescriptionA system is operating in "promiscuous" mode which allows it to perform packet sniffing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.749e+12
data$DescriptionA system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.120e+13
data$DescriptionA trust relationship exists between two Unix hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.583e+13
data$DescriptionA Unix account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2.163e+13
data$DescriptionA Unix account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       1.690e+13
data$DescriptionA Unix account with a name other than "root" has UID 0, i.e. root privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2.798e+13
data$DescriptionA URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                5.489e+12
data$DescriptionA version of finger is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -3.200e-02
data$DescriptionA version of rusers is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -3.180e-01
data$DescriptionA vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   2.034e+13
data$DescriptionA weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  8.100e-02
data$DescriptionA weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.614e+13
data$DescriptionA Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.640e-01
data$DescriptionA Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           3.551e+12
data$DescriptionA Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                1.367e+13
data$DescriptionA Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           1.916e+13
data$DescriptionA Windows NT administrator account has the default name of Administrator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4.197e+12
data$DescriptionA Windows NT domain user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             2.142e+13
data$DescriptionA Windows NT domain user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2.142e+13
data$DescriptionA Windows NT file system is not NTFS.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          1.334e+13
data$DescriptionA Windows NT local user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.163e+13
data$DescriptionA Windows NT local user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.163e+13
data$DescriptionA Windows NT log file has an inappropriate maximum size or retention period.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   2.594e+13
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        1.378e+13
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1.776e+13
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           1.776e+13
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2.217e+13
data$DescriptionA Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.239e+13
data$DescriptionA Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.578e+12
data$DescriptionA Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             4.951e+12
data$DescriptionA Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -2.290e-01
data$DescriptionA Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   -2.530e-01
data$DescriptionA Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2.346e+13
data$DescriptionA WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5.273e+12
data$DescriptionAAA authentication on Cisco systems allows attackers to execute commands without authorization.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               -1.890e-01
data$DescriptionACC Tigris allows public access without a login.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -1.080e-01
data$DescriptionAccess violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -1.360e-01
data$Descriptionadmintool in Solaris allows a local user to write to arbitrary files and gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.274e+00
data$DescriptionAfter an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        -2.110e-01
data$DescriptionAIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3.670e-01
data$DescriptionAIX bugfiler program allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -4.200e-02
data$DescriptionAIX infod allows local users to gain root access through an X display.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.387e+00
data$DescriptionAIX Licensed Program Product performance tools allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.320e-01
data$DescriptionAIX nslookup command allows local users to obtain root access by not dropping privileges correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            8.580e-01
data$DescriptionAIX passwd allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -2.420e-01
data$DescriptionAIX piodmgrsu command allows local users to gain additional group privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  5.760e-01
data$DescriptionAIX routed allows remote users to modify sensitive files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      1.291e+13
data$DescriptionAlibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.282e+13
data$DescriptionAlibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        9.255e+12
data$DescriptionAll records in a WINS database can be deleted through SNMP for a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.890e-01
data$DescriptionAN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.620e-01
data$DescriptionAn account on a router, firewall, or other network device has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     2.152e+13
data$DescriptionAn account on a router, firewall, or other network device has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.142e+13
data$DescriptionAn application-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    5.273e+12
data$DescriptionAn application-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 5.381e+12
data$DescriptionAn attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -6.400e-02
data$DescriptionAn attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           8.825e+12
data$DescriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 6.134e+12
data$DescriptionAn attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.050e-01
data$DescriptionAn event log in Windows NT has inappropriate access permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               1.001e+13
data$DescriptionAn example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    -2.260e-01
data$DescriptionAn incorrect configuration of the EZMall 2000 shopping cart  CGI program "mall2000.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.533e+11
data$DescriptionAn incorrect configuration of the Order Form 1.0 shopping cart  CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                7.533e+11
data$DescriptionAn incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -8.200e-02
data$DescriptionAn incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      7.533e+11
data$DescriptionAn incorrect configuration of the Webcart CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      6.457e+11
data$DescriptionAn incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   6.457e+11
data$DescriptionAn NIS domain name is easily guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2.152e+13
data$DescriptionAn SNMP community name is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           2.163e+13
data$DescriptionAn SNMP community name is the default (e.g. public), null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         2.163e+13
data$DescriptionAn SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                -1.830e-01
data$DescriptionAn SSH server allows authentication through the .rhosts file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  8.610e+12
data$DescriptionAn unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        7.749e+12
data$DescriptionAn X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -2.150e-01
data$DescriptionAnonymous FTP is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4.305e+12
data$DescriptionAnyForm CGI remote execution.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -3.270e-01
data$DescriptionApache allows remote attackers to conduct a denial of service via a large number of MIME headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.475e+12
data$DescriptionApache httpd cookie buffer overflow for versions 1.1.1 and earlier.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -2.900e-02
data$DescriptionArbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -3.610e-01
data$DescriptionArbitrary command execution via IMAP buffer overflow in authenticate command.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -2.440e-01
data$DescriptionArbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                -5.270e-01
data$DescriptionArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 -2.510e-01
data$DescriptionArkiea nlservd allows remote attackers to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         1.930e-01
data$DescriptionAttackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          -2.220e-01
data$DescriptionAttackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login).  This applies to some IOS 9.x, 10.x, and 11.x releases.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   -8.800e-02
data$DescriptionAttackers can do a denial of service of IRC by crashing the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2.830e+13
data$DescriptionAutomount daemon automountd allows local or remote users to gain privileges via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -1.790e-01
data$DescriptionBash treats any character with a value of 255 as a command separator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          5.960e-01
data$DescriptionBMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -1.800e-01
data$DescriptionBMC Patrol allows remote attackers to gain access to an agent by spoofing frames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -2.080e-01
data$DescriptionBNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.510e-01
data$DescriptionBNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.080e-01
data$DescriptionBonk variation of teardrop IP fragmentation denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 2.755e+13
data$DescriptionBuffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -1.530e-01
data$DescriptionBuffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -1.680e-01
data$DescriptionBuffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.070e-01
data$DescriptionBuffer overflow in AIX dtterm program for the CDE.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.390e-01
data$DescriptionBuffer overflow in AIX ftpd in the libc library.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              -2.010e-01
data$DescriptionBuffer overflow in AIX lchangelv gives root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           -1.990e-01
data$DescriptionBuffer overflow in AIX libDtSvc library can allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1.302e+13
data$DescriptionBuffer overflow in AIX lquerylv program gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     -2.600e-01
data$DescriptionBuffer overflow in AIX rcp command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -9.700e-02
data$DescriptionBuffer overflow in AIX writesrv command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             -8.000e-03
data$DescriptionBuffer overflow in AIX xdat gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2.270e-01
data$DescriptionBuffer overflow in ALMail32 POP3 client via From: or To: headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2.454e+13
data$DescriptionBuffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               9.686e+11
data$DescriptionBuffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      -1.750e-01
data$DescriptionBuffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         -2.420e-01
data$DescriptionBuffer overflow in BIND 8.2 via NXT records.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -2.300e-01
data$DescriptionBuffer overflow in BNC IRC proxy allows remote attackers to gain privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  -1.090e-01
data$DescriptionBuffer overflow in BNU UUCP daemon (uucpd) through long hostnames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            -1.980e-01
data$DescriptionBuffer overflow in bootpd 2.4.3 and earlier via a long boot file location.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     1.540e-01
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              Pr(>|t|)
(Intercept)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplicate of CVE-1999-0022.  Notes: All CVE users should reference CVE-1999-0022 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0032.  Reason: This candidate is a duplicate of CVE-1999-0032.  Notes: All CVE users should reference CVE-1999-0032 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0315.  Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315.  Notes: All CVE users should reference CVE-1999-0315 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-1584, CVE-1999-1586.  Reason: This candidate combined references from one issue with the description from another issue.  Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to DNS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NETBIOS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NIS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A POP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The bootparam (bootparamd) service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FSP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The HTTP/WWW service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IMAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IRC service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The LDAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NFS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NNTP news service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SMTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SNMP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SSH service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The Telnet service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The TFTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X Windows service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X25 service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$Description.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$Description64 bit Solaris 7 procfs allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       0.953
data$DescriptionA buffer overflow in lsof allows local users to obtain root privilege.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           0.864
data$DescriptionA buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.948
data$DescriptionA buffer overflow in the SGI X server allows local users to gain root access through the X server font path.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.922
data$DescriptionA bug in Cyrix CPUs on Linux allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  0.416
data$DescriptionA component service related to NIS+ is running.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionA configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.117
data$DescriptionA default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.924
data$DescriptionA default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.858
data$DescriptionA DNS server allows inverse queries.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionA DNS server allows zone transfers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionA filter in a router or firewall allows unusual fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionA hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$DescriptionA kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.902
data$DescriptionA later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionA legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.891
data$DescriptionA mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionA malicious Palace server can force a client to execute arbitrary programs.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      0.966
data$DescriptionA memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <2e-16
data$DescriptionA NETBIOS/SMB share password is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      <2e-16
data$DescriptionA NETBIOS/SMB share password is the default, null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionA network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          <2e-16
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA network intrusion detection system (IDS) does not properly reassemble fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA network intrusion detection system (IDS) does not verify the checksum on a packet.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionA network service is running on a nonstandard port.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionA password for accessing a WWW URL is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionA quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             0.893
data$DescriptionA race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             0.903
data$DescriptionA race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.959
data$DescriptionA race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$DescriptionA race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.882
data$DescriptionA race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.882
data$DescriptionA race condition in the Solaris ps command allows an attacker to overwrite critical files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       0.918
data$DescriptionA remote attacker can disable the virus warning mechanism in Microsoft Excel 97.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.980
data$DescriptionA remote attacker can gain access to a file system using ..  (dot dot) when accessing SMB shares.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionA remote attacker can read information from a Netscape user's cache via JavaScript.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.923
data$DescriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionA router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$DescriptionA router's routing tables can be obtained from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionA router or firewall allows source routed packets from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$DescriptionA router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA Sendmail alias allows input to be piped to a program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA service or application has a backdoor password that was placed there by the developer.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <2e-16
data$DescriptionA superfluous NFS server is running, but it is not importing or exporting any file systems.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA system-critical NETBIOS/SMB share has inappropriate access control.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           <2e-16
data$DescriptionA system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <2e-16
data$DescriptionA system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionA system-critical Unix file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA system-critical Windows NT file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$DescriptionA system-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           <2e-16
data$DescriptionA system-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <2e-16
data$DescriptionA system does not present an appropriate legal message or warning to a user who is accessing it.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionA system is operating in "promiscuous" mode which allows it to perform packet sniffing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionA trust relationship exists between two Unix hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionA Unix account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionA Unix account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <2e-16
data$DescriptionA Unix account with a name other than "root" has UID 0, i.e. root privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$DescriptionA URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionA version of finger is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.975
data$DescriptionA version of rusers is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.761
data$DescriptionA vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$DescriptionA weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.938
data$DescriptionA weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      <2e-16
data$DescriptionA Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.875
data$DescriptionA Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionA Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionA Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionA Windows NT administrator account has the default name of Administrator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionA Windows NT domain user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$DescriptionA Windows NT domain user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionA Windows NT file system is not NTFS.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           <2e-16
data$DescriptionA Windows NT local user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionA Windows NT local user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      <2e-16
data$DescriptionA Windows NT log file has an inappropriate maximum size or retention period.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionA Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionA Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionA Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$DescriptionA Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           0.826
data$DescriptionA Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      0.809
data$DescriptionA Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionA WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$DescriptionAAA authentication on Cisco systems allows attackers to execute commands without authorization.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  0.856
data$DescriptionACC Tigris allows public access without a login.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.918
data$DescriptionAccess violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.896
data$Descriptionadmintool in Solaris allows a local user to write to arbitrary files and gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       0.250
data$DescriptionAfter an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           0.840
data$DescriptionAIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.726
data$DescriptionAIX bugfiler program allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.968
data$DescriptionAIX infod allows local users to gain root access through an X display.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           0.215
data$DescriptionAIX Licensed Program Product performance tools allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.899
data$DescriptionAIX nslookup command allows local users to obtain root access by not dropping privileges correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.424
data$DescriptionAIX passwd allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0.817
data$DescriptionAIX piodmgrsu command allows local users to gain additional group privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.586
data$DescriptionAIX routed allows remote users to modify sensitive files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionAlibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionAlibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionAll records in a WINS database can be deleted through SNMP for a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.857
data$DescriptionAN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.877
data$DescriptionAn account on a router, firewall, or other network device has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      <2e-16
data$DescriptionAn account on a router, firewall, or other network device has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionAn application-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionAn application-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionAn attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             0.951
data$DescriptionAn attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionAn attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.920
data$DescriptionAn event log in Windows NT has inappropriate access permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionAn example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       0.829
data$DescriptionAn incorrect configuration of the EZMall 2000 shopping cart  CGI program "mall2000.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     <2e-16
data$DescriptionAn incorrect configuration of the Order Form 1.0 shopping cart  CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 <2e-16
data$DescriptionAn incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.938
data$DescriptionAn incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionAn incorrect configuration of the Webcart CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionAn incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <2e-16
data$DescriptionAn NIS domain name is easily guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionAn SNMP community name is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <2e-16
data$DescriptionAn SNMP community name is the default (e.g. public), null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          <2e-16
data$DescriptionAn SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   0.861
data$DescriptionAn SSH server allows authentication through the .rhosts file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   <2e-16
data$DescriptionAn unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         <2e-16
data$DescriptionAn X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         0.837
data$DescriptionAnonymous FTP is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       <2e-16
data$DescriptionAnyForm CGI remote execution.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.755
data$DescriptionApache allows remote attackers to conduct a denial of service via a large number of MIME headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionApache httpd cookie buffer overflow for versions 1.1.1 and earlier.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.978
data$DescriptionArbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         0.730
data$DescriptionArbitrary command execution via IMAP buffer overflow in authenticate command.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.815
data$DescriptionArbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   0.617
data$DescriptionArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.810
data$DescriptionArkiea nlservd allows remote attackers to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           0.853
data$DescriptionAttackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             0.832
data$DescriptionAttackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login).  This applies to some IOS 9.x, 10.x, and 11.x releases.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      0.933
data$DescriptionAttackers can do a denial of service of IRC by crashing the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             <2e-16
data$DescriptionAutomount daemon automountd allows local or remote users to gain privileges via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.864
data$DescriptionBash treats any character with a value of 255 as a command separator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.573
data$DescriptionBMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        0.863
data$DescriptionBMC Patrol allows remote attackers to gain access to an agent by spoofing frames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.842
data$DescriptionBNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.885
data$DescriptionBNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0.918
data$DescriptionBonk variation of teardrop IP fragmentation denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  <2e-16
data$DescriptionBuffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        0.884
data$DescriptionBuffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.872
data$DescriptionBuffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0.918
data$DescriptionBuffer overflow in AIX dtterm program for the CDE.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0.894
data$DescriptionBuffer overflow in AIX ftpd in the libc library.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 0.848
data$DescriptionBuffer overflow in AIX lchangelv gives root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              0.849
data$DescriptionBuffer overflow in AIX libDtSvc library can allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              <2e-16
data$DescriptionBuffer overflow in AIX lquerylv program gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        0.803
data$DescriptionBuffer overflow in AIX rcp command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.926
data$DescriptionBuffer overflow in AIX writesrv command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                0.994
data$DescriptionBuffer overflow in AIX xdat gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0.828
data$DescriptionBuffer overflow in ALMail32 POP3 client via From: or To: headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               <2e-16
data$DescriptionBuffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <2e-16
data$DescriptionBuffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         0.867
data$DescriptionBuffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            0.817
data$DescriptionBuffer overflow in BIND 8.2 via NXT records.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.826
data$DescriptionBuffer overflow in BNC IRC proxy allows remote attackers to gain privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     0.917
data$DescriptionBuffer overflow in BNU UUCP daemon (uucpd) through long hostnames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0.850
data$DescriptionBuffer overflow in bootpd 2.4.3 and earlier via a long boot file location.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       0.883
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
(Intercept)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0022.  Reason: This candidate is a duplicate of CVE-1999-0022.  Notes: All CVE users should reference CVE-1999-0022 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0032.  Reason: This candidate is a duplicate of CVE-1999-0032.  Notes: All CVE users should reference CVE-1999-0032 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-0315.  Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315.  Notes: All CVE users should reference CVE-1999-0315 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-1999-1584, CVE-1999-1586.  Reason: This candidate combined references from one issue with the description from another issue.  Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name.  All references and descriptions in this candidate have been removed to prevent accidental usage.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to DNS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NETBIOS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A component service related to NIS is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A POP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The bootparam (bootparamd) service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FSP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The FTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The HTTP/WWW service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IMAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The IRC service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The LDAP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NFS service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The NNTP news service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SMTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SNMP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The SSH service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The Telnet service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The TFTP service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X Windows service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$Description** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "The X25 service is running."                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$Description.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$Description64 bit Solaris 7 procfs allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
data$DescriptionA buffer overflow in lsof allows local users to obtain root privilege.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
data$DescriptionA buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionA buffer overflow in the SGI X server allows local users to gain root access through the X server font path.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionA bug in Cyrix CPUs on Linux allows local users to perform a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
data$DescriptionA component service related to NIS+ is running.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionA configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionA default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionA default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionA DNS server allows inverse queries.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionA DNS server allows zone transfers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionA filter in a router or firewall allows unusual fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionA hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$DescriptionA kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionA later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionA legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionA mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionA malicious Palace server can force a client to execute arbitrary programs.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
data$DescriptionA memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ***
data$DescriptionA NETBIOS/SMB share password is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ***
data$DescriptionA NETBIOS/SMB share password is the default, null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionA network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ***
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionA network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA network intrusion detection system (IDS) does not properly reassemble fragmented packets.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA network intrusion detection system (IDS) does not verify the checksum on a packet.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionA network service is running on a nonstandard port.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionA password for accessing a WWW URL is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionA quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
data$DescriptionA race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
data$DescriptionA race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionA race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$DescriptionA race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionA race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionA race condition in the Solaris ps command allows an attacker to overwrite critical files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
data$DescriptionA remote attacker can disable the virus warning mechanism in Microsoft Excel 97.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionA remote attacker can gain access to a file system using ..  (dot dot) when accessing SMB shares.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionA remote attacker can read information from a Netscape user's cache via JavaScript.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionA remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionA router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$DescriptionA router's routing tables can be obtained from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionA router or firewall allows source routed packets from arbitrary hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$DescriptionA router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA Sendmail alias allows input to be piped to a program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA service or application has a backdoor password that was placed there by the developer.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ***
data$DescriptionA superfluous NFS server is running, but it is not importing or exporting any file systems.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA system-critical NETBIOS/SMB share has inappropriate access control.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         ***
data$DescriptionA system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ***
data$DescriptionA system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionA system-critical Unix file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA system-critical Windows NT file or directory has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$DescriptionA system-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         ***
data$DescriptionA system-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ***
data$DescriptionA system does not present an appropriate legal message or warning to a user who is accessing it.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionA system is operating in "promiscuous" mode which allows it to perform packet sniffing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionA trust relationship exists between two Unix hosts.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionA Unix account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionA Unix account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ***
data$DescriptionA Unix account with a name other than "root" has UID 0, i.e. root privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$DescriptionA URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionA version of finger is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionA version of rusers is running that exposes valid user information to any entity on the network.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionA vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$DescriptionA weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionA weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ***
data$DescriptionA Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionA Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionA Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionA Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionA Windows NT administrator account has the default name of Administrator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionA Windows NT domain user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$DescriptionA Windows NT domain user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionA Windows NT file system is not NTFS.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         ***
data$DescriptionA Windows NT local user or administrator account has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionA Windows NT local user or administrator account has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ***
data$DescriptionA Windows NT log file has an inappropriate maximum size or retention period.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionA Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionA Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionA Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionA Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$DescriptionA Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
data$DescriptionA Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
data$DescriptionA Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionA WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$DescriptionAAA authentication on Cisco systems allows attackers to execute commands without authorization.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
data$DescriptionACC Tigris allows public access without a login.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionAccess violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$Descriptionadmintool in Solaris allows a local user to write to arbitrary files and gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
data$DescriptionAfter an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
data$DescriptionAIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionAIX bugfiler program allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionAIX infod allows local users to gain root access through an X display.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
data$DescriptionAIX Licensed Program Product performance tools allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionAIX nslookup command allows local users to obtain root access by not dropping privileges correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionAIX passwd allows local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
data$DescriptionAIX piodmgrsu command allows local users to gain additional group privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionAIX routed allows remote users to modify sensitive files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionAlibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionAlibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionAll records in a WINS database can be deleted through SNMP for a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionAN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionAn account on a router, firewall, or other network device has a default, null, blank, or missing password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ***
data$DescriptionAn account on a router, firewall, or other network device has a guessable password.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionAn application-critical Windows NT registry key has an inappropriate value.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionAn application-critical Windows NT registry key has inappropriate permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionAn attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
data$DescriptionAn attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionAn attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionAn attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionAn event log in Windows NT has inappropriate access permissions.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionAn example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
data$DescriptionAn incorrect configuration of the EZMall 2000 shopping cart  CGI program "mall2000.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   ***
data$DescriptionAn incorrect configuration of the Order Form 1.0 shopping cart  CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               ***
data$DescriptionAn incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionAn incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionAn incorrect configuration of the Webcart CGI program could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionAn incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ***
data$DescriptionAn NIS domain name is easily guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionAn SNMP community name is guessable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ***
data$DescriptionAn SNMP community name is the default (e.g. public), null, or missing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        ***
data$DescriptionAn SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
data$DescriptionAn SSH server allows authentication through the .rhosts file.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ***
data$DescriptionAn unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       ***
data$DescriptionAn X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
data$DescriptionAnonymous FTP is enabled.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     ***
data$DescriptionAnyForm CGI remote execution.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionApache allows remote attackers to conduct a denial of service via a large number of MIME headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionApache httpd cookie buffer overflow for versions 1.1.1 and earlier.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionArbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
data$DescriptionArbitrary command execution via IMAP buffer overflow in authenticate command.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionArbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
data$DescriptionArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionArkiea nlservd allows remote attackers to conduct a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
data$DescriptionAttackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
data$DescriptionAttackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login).  This applies to some IOS 9.x, 10.x, and 11.x releases.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
data$DescriptionAttackers can do a denial of service of IRC by crashing the server.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           ***
data$DescriptionAutomount daemon automountd allows local or remote users to gain privileges via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionBash treats any character with a value of 255 as a command separator.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionBMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
data$DescriptionBMC Patrol allows remote attackers to gain access to an agent by spoofing frames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionBNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionBNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
data$DescriptionBonk variation of teardrop IP fragmentation denial of service.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ***
data$DescriptionBuffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
data$DescriptionBuffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionBuffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
data$DescriptionBuffer overflow in AIX dtterm program for the CDE.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
data$DescriptionBuffer overflow in AIX ftpd in the libc library.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
data$DescriptionBuffer overflow in AIX lchangelv gives root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
data$DescriptionBuffer overflow in AIX libDtSvc library can allow local users to gain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            ***
data$DescriptionBuffer overflow in AIX lquerylv program gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
data$DescriptionBuffer overflow in AIX rcp command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionBuffer overflow in AIX writesrv command allows local users to obtain root access.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
data$DescriptionBuffer overflow in AIX xdat gives root access to local users.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
data$DescriptionBuffer overflow in ALMail32 POP3 client via From: or To: headers.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             ***
data$DescriptionBuffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ***
data$DescriptionBuffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
data$DescriptionBuffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
data$DescriptionBuffer overflow in BIND 8.2 via NXT records.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionBuffer overflow in BNC IRC proxy allows remote attackers to gain privileges.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
data$DescriptionBuffer overflow in BNU UUCP daemon (uucpd) through long hostnames.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
data$DescriptionBuffer overflow in bootpd 2.4.3 and earlier via a long boot file location.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
 [ reached getOption("max.print") -- omitted 1613 rows ]
---
Signif. codes:  0 ‘***’ 0.001 ‘**’ 0.01 ‘*’ 0.05 ‘.’ 0.1 ‘ ’ 1

Residual standard error: 8.692e-12 on 6 degrees of freedom
Multiple R-squared:      1, Adjusted R-squared:      1 
F-statistic: 7.304e+25 on 990 and 6 DF,  p-value: < 2.2e-16

# Hold out a random quarter of the rows: 75% of the row indices go to
# `training`, the remaining rows to `testing`. No seed is set here, so the
# split (and every error figure computed from it) changes from run to run.
n_rows <- nrow(data)
positions <- sample(n_rows, size = floor((n_rows / 4) * 3))
training <- data[positions, ]
testing <- data[-positions, ]

Linear model


# Baseline: ordinary least squares on the integer-coded columns.
# The *_r columns are the factor level codes produced with unclass() earlier in
# the notebook, so the RMSE below is expressed in level-index units.
lm_fit <- lm(
  formula = Votes_r ~ Description_r + Status_r + References_r,
  data = training
)
predictions <- predict(lm_fit, newdata = testing)
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt(sum(squared_residuals) / nrow(testing))
error
[1] 56.5068

Bagging function

library(foreach)
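# Bagged linear model: fit `iterations` OLS models, each on a random
# 1/length_divisor subsample of `training` (sample() draws without
# replacement), and average their predictions on `testing`.
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  training_positions <- sample(
    nrow(training),
    size = floor(nrow(training) / length_divisor)
  )
  # Logical row mask; seq_len() stays correct even when the frame has no rows,
  # where 1:nrow() would yield c(1, 0).
  train_pos <- seq_len(nrow(training)) %in% training_positions
  lm_fit <- lm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[train_pos, ]
  )
  predict(lm_fit, newdata = testing)
}
# One column per iteration, one row per test case: the row mean is the bagged
# prediction.
predictions <- rowMeans(predictions)
error <- sqrt(sum((testing$Votes_r - predictions)^2) / nrow(testing))
error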
[1] 56.57869

Creating the First Ensemble Using Random Forest

#install.packages("randomForest")
library(randomForest)
# Random forest with 500 trees on the same three integer-coded predictors,
# scored with the same RMSE as the linear model.
rf_fit <- randomForest(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training,
  ntree = 500
)
predictions <- predict(rf_fit, newdata = testing)
rf_squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt(sum(rf_squared_residuals) / nrow(testing))
error
[1] 45.12506

first ensemble

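# First half of the ensemble: the bagged linear model, kept in
# `lm_predictions` so it can be blended with the random forest.
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  training_positions <- sample(
    nrow(training),
    size = floor(nrow(training) / length_divisor)
  )
  # seq_len() instead of 1:nrow(): the latter counts down to 0 on an empty frame.
  train_pos <- seq_len(nrow(training)) %in% training_positions
  lm_fit <- lm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[train_pos, ]
  )
  predict(lm_fit, newdata = testing)
}
# Average across the per-iteration prediction columns.
lm_predictions <- rowMeans(predictions)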

library(randomForest)
# Second half of the ensemble: a 500-tree random forest, then an equal-weight
# average of the two prediction vectors.
rf_fit <- randomForest(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training,
  ntree = 500
)
rf_predictions <- predict(rf_fit, newdata = testing)
predictions <- (lm_predictions + rf_predictions) / 2
ensemble_squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt(sum(ensemble_squared_residuals) / nrow(testing))
error
[1] 48.92208

improving ensemble

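# Weighted blend: the random forest gets 9/10 of the weight, the bagged linear
# model 1/10.
predictions <- (lm_predictions + rf_predictions * 9) / 10
# RMSE on the hold-out rows. The earlier version read
# `testing$votes_rpredictions`, a column that does not exist (NULL), so
# sum(NULL^2) was 0 and the recorded error of 0 was an artefact of the typo,
# not a perfect fit. Re-run this chunk to obtain the real figure.
error <- sqrt(sum((testing$Votes_r - predictions)^2) / nrow(testing))
error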
[1] 0

Replacing linear Model with Support Vector

library(e1071)
# Support vector machine fit (e1071 defaults) on the same predictors, scored
# with the same hold-out RMSE as the earlier models.
svm_fit <- svm(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training
)
svm_predictions <- predict(svm_fit, newdata = testing)
svm_squared_residuals <- (testing$Votes_r - svm_predictions)^2
error <- sqrt(sum(svm_squared_residuals) / nrow(testing))
error
[1] 44.46861

bagging Svm technique

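# Bagged SVM: fit `iterations` support vector machines, each on a random
# 1/length_divisor subsample of `training`, and average their predictions.
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  training_positions <- sample(
    nrow(training),
    size = floor(nrow(training) / length_divisor)
  )
  # seq_len() instead of 1:nrow(): the latter counts down to 0 on an empty frame.
  train_pos <- seq_len(nrow(training)) %in% training_positions
  svm_fit <- svm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[train_pos, ]
  )
  predict(svm_fit, newdata = testing)
}
# Row means over the per-iteration columns give the bagged prediction.
svm2_predictions <- rowMeans(predictions)
error <- sqrt(sum((testing$Votes_r - svm2_predictions)^2) / nrow(testing))
error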
[1] 45.83003
# Equal-weight blend of the single SVM fit and the random forest, scored with
# the same hold-out RMSE.
predictions <- (svm_predictions + rf_predictions) / 2
blend_squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt(sum(blend_squared_residuals) / nrow(testing))
error

Defining the training controls for multiple models


library('caret')
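# Shared resampling setup for the caret models below: 3-fold cross-validation,
# keeping the hold-out predictions for the final tuning parameters.
# NOTE(review): classProbs applies to classification only; the models trained
# with this control use a numeric outcome, which matches the "class
# probabilities for regression" message printed after each train() call.
fitControl <- trainControl(
  method = "cv",
  number = 3,
  savePredictions = "final",
  classProbs = TRUE  # spelled out: `T` is an ordinary variable and can be reassigned
)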

# Outcome column and predictor columns, referred to by name from here on.
outcomeName <- "Votes_r"
predictors <- c("Status_r", "References_r")

# Split the full data set on the outcome: 75% for training, 25% for testing.
index <- createDataPartition(y = data[["Votes_r"]], p = 0.75, list = FALSE)
trainSet <- data[index, ]
testSet <- data[-index, ]
head(trainSet)

train with random Forest


# Fit a random forest through caret on the two predictor columns.
model_rf <- train(
  x = trainSet[, predictors],
  y = trainSet[, outcomeName],
  method = "rf",
  trControl = fitControl,
  tuneLength = 3
)

# Predict on the held-out rows and store the result next to the observations.
testSet$pred_rf <- predict(object = model_rf, newdata = testSet[, predictors])

#testSet$pred_rf
# Compare random forest predictions with the observed values.
# NOTE(review): levels() is NULL for plain numeric vectors, so this check is
# presumably TRUE without saying anything about the values — confirm.
identical(levels(testSet$pred_rf), levels(testSet$Votes_r))

#confusionMatrix(testSet$Votes_r, testSet$pred_rf)
# Recode both vectors as factors over the integer range of Votes_r so that
# confusionMatrix() accepts them. A prediction that is not exactly one of
# those integers becomes NA.
vote_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
pred_rf_factor <- factor(testSet$pred_rf, levels = vote_levels)
votes_factor <- factor(testSet$Votes_r, levels = vote_levels)
confusionMatrix(pred_rf_factor, votes_factor)
str(as.factor(testSet$Votes_r))
 Factor w/ 82 levels "1","2","3","8",..: 1 78 1 1 1 1 1 1 1 1 ...
# List the distinct predicted values by viewing them as factor levels.
pred_rf_as_factor <- as.factor(testSet$pred_rf)
str(pred_rf_as_factor)
 Factor w/ 80 levels "0.999999999999833",..: 33 45 23 24 1 1 1 1 1 24 ...
# Cross-tabulate the recoded predictions (rows) against the recoded
# observations (columns) over the integer range of Votes_r.
level_range <- min(testSet$Votes_r):max(testSet$Votes_r)
table(
  factor(testSet$pred_rf, levels = level_range),
  factor(testSet$Votes_r, levels = level_range)
)
     
      1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
  1   0 0 0 0 0 0 0 0 0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
  2   0 0 0 0 0 0 0 0 0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
  3   0 0 0 0 0 0 0 0 0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
     
      51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67

using knn

# Fit k-nearest neighbours through caret on the same predictors and outcome.
model_knn <- train(
  x = trainSet[, predictors],
  y = trainSet[, outcomeName],
  method = "knn",
  trControl = fitControl,
  tuneLength = 3
)
cannnot compute class probabilities for regression
# Predict on the held-out rows with the kNN model.
testSet$pred_knn <- predict(object = model_knn, newdata = testSet[, predictors])

# Confusion matrix for the kNN model: both vectors are recoded as factors over
# the integer range of Votes_r before being compared.
knn_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
confusionMatrix(
  factor(testSet$pred_knn, levels = knn_levels),
  factor(testSet$Votes_r, levels = knn_levels)
)
Confusion Matrix and Statistics

          Reference
Prediction  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
       1   41  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
       2    0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
       3    0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
          Reference
Prediction 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
       1    0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0
       2    0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
       3    0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
          Reference
Prediction 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128
       1    0  0  0  0  0  0  0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   1   0
       2    0  0  0  0  0  0  0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
       3    0  0  0  0  0  0  0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
          Reference
Prediction 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162
       1     0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
       2     0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
# Train the glm model through caret.
# NOTE(review): the outcome column is numeric, so this is presumably fitted as
# a regression rather than a logistic model — confirm.
model_lr <- train(
  x = trainSet[, predictors],
  y = trainSet[, outcomeName],
  method = "glm",
  trControl = fitControl,
  tuneLength = 3
)
cannnot compute class probabilities for regression
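# Predict on the held-out rows with the glm model.
testSet$pred_lr <- predict(object = model_lr, testSet[, predictors])

# Check the fit of the glm model. Votes_r and pred_lr are both numeric, so
# confusionMatrix() rejects them ("`data` and `reference` should be factors
# with the same levels"); report caret's regression metrics (RMSE, R-squared)
# instead.
postResample(pred = testSet$pred_lr, obs = testSet$Votes_r)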
Error: `data` and `reference` should be factors with the same levels.

Averages and predicting probabilities

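# Predicting the probabilities.
# Class probabilities exist only for classification fits; asking a regression
# forest for type = "prob" stops with "'prob' or 'vote' not meaningful for
# regression", so the call is made only when the model supports it.
if (identical(model_rf$modelType, "Classification")) {
  testSet$pred_rf_prob <- predict(
    object = model_rf,
    testSet[, predictors],
    type = "prob"
  )
} else {
  message("model_rf is a regression model; skipping class probabilities")
}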
Error in predict.randomForest(modelFit, newdata, type = "prob") : 
  'prob' or 'vote' not meaningful for regression

Weighted averaging

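# Taking weighted average of predictions.
# The *_prob$Y columns were never created, which made the right-hand side
# numeric(0) and the assignment fail; blend the numeric predictions instead,
# keeping the same weights: 0.25 random forest, 0.25 kNN, 0.5 glm.
testSet$pred_weighted_avg <- (testSet$pred_rf * 0.25) +
  (testSet$pred_knn * 0.25) +
  (testSet$pred_lr * 0.5)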
Error in `$<-.data.frame`(`*tmp*`, pred_weighted_avg, value = numeric(0)) : 
  replacement has 0 rows, data has 249
  1. Ensemble machine learning with R

Installing the related packages

#install.packages("gbm")
library(mlbench)
library(caret)
library(caretEnsemble)

i). Boosting Algorithms Building multiple models (typically of the same type) each of which learns to fix the prediction errors of a prior model in the chain.

  1. C5.0
# Settings shared by the boosting models: a fixed seed, accuracy as the metric,
# and 3-fold cross-validation repeated 3 times.
seed <- 7
metric <- "Accuracy"
control <- trainControl(method = "repeatedcv", number = 3, repeats = 3)

# C5.0 on the original factor columns.
set.seed(seed)
fit.c50 <- train(
  Votes ~ Description + Phase,
  data = data,
  method = "C5.0",
  metric = metric,
  trControl = control
)
  1. Stochastic Gradient Boosting
# Stochastic gradient boosting (gbm) on the integer-coded predictors, reseeded
# so the resampling starts from the same state as the C5.0 run.
set.seed(seed)
fit.gbm <- train(
  Votes ~ Description_r + Phase_r,
  data = data,
  method = "gbm",
  metric = metric,
  trControl = control,
  verbose = FALSE
)

summary of both boosting methods

# Collect the resampling results of both boosted models, then print and plot
# the comparison.
boosting_models <- list(c5.0 = fit.c50, gbm = fit.gbm)
boosting_results <- resamples(boosting_models)
summary(boosting_results)
dotplot(boosting_results)

ii). Bagging Algorithms Let’s look at two of the most popular bagging machine learning algorithms:

a) Bagged CART b) Random Forest. Below is an example of the Bagged CART and Random Forest algorithms in R. Both algorithms include parameters that are not tuned in this example.

# Settings shared by the bagging models: 10-fold cross-validation repeated
# 3 times, accuracy as the metric, fixed seed.
seed <- 7
metric <- "Accuracy"
control <- trainControl(method = "repeatedcv", number = 10, repeats = 3)

# Bagged CART
set.seed(seed)
fit.treebag <- train(
  Votes ~ Description + Status,
  data = data,
  method = "treebag",
  metric = metric,
  trControl = control
)

# Random forest, reseeded so both models start from the same RNG state.
set.seed(seed)
fit.rf <- train(
  Votes ~ Description + Status,
  data = data,
  method = "rf",
  metric = metric,
  trControl = control
)

# Compare the two models on their resampling results.
bagging_models <- list(treebag = fit.treebag, rf = fit.rf)
bagging_results <- resamples(bagging_models)
summary(bagging_results)
dotplot(bagging_results)
  1. Stacking Algorithm

You can combine the predictions of multiple caret models using the caretEnsemble package.

Given a list of caret models, the caretStack() function can be used to specify a higher-order model to learn how to best combine the predictions of sub-models together.

Let’s first look at creating 5 sub-models for the ionosphere dataset, specifically:

Linear Discriminant Analysis (LDA), Classification and Regression Trees (CART), Logistic Regression (via Generalized Linear Model or GLM), k-Nearest Neighbors (kNN), and Support Vector Machine with a Radial Basis Kernel Function (SVM). Below is an example that creates these 5 sub-models. Note the new helpful caretList() function provided by the caretEnsemble package for creating a list of standard caret models.



# Stacking, step 1: fit the base learners with a shared resampling scheme that
# saves hold-out predictions and class probabilities.
algorithmList <- c("lda", "rpart", "glm", "knn", "svmRadial")
control <- trainControl(
  method = "repeatedcv",
  number = 10,
  repeats = 3,
  savePredictions = TRUE,
  classProbs = TRUE
)
set.seed(seed)
models <- caretList(
  Votes ~ Description + Status,
  data = data,
  trControl = control,
  methodList = algorithmList
)
results <- resamples(models)
summary(results)

correlation between models

# Correlation between the sub-models' resampling results: first as a matrix,
# then as a scatter-plot matrix.
model_correlations <- modelCor(results)
model_correlations
splom(results)

We use the model object stored in the stacking step above to combine the predictions of the classifiers using a generalized linear model.

# Stacking, step 2: combine the sub-model predictions with a glm meta-learner
# under its own repeated cross-validation.
stackControl <- trainControl(
  method = "repeatedcv",
  number = 10,
  repeats = 3,
  savePredictions = TRUE,
  classProbs = TRUE
)
set.seed(seed)
stack.glm <- caretStack(
  models,
  method = "glm",
  metric = "Accuracy",
  trControl = stackControl
)
print(stack.glm)

Repeat the above code, but this time use the random forest (rf) as the classifier that combines the predictions.


# Same stack, with a random forest as the meta-learner instead of glm.
set.seed(seed)
stack.rf <- caretStack(
  models,
  method = "rf",
  metric = "Accuracy",
  trControl = stackControl
)
print(stack.rf)
  1. installing the relevant libraries
library(tidyverse) # for tidy data analysis
library(readr)     # for fast reading of input files
library(mice) 

identifying pattern in the dataset


# Tabulate the missing-data pattern of the data set without drawing the plot.
missing_pattern <- md.pattern(data, plot = FALSE)
missing_pattern

Data exploration with this dataset

  1. Response variable for classification
# Bar chart of the number of records per Status value.
status_plot <- ggplot(data = data, mapping = aes(x = Status, fill = Status))
status_plot + geom_bar()
  1. Response variable for regression
# Histogram (10 bins) of the integer-coded Votes column.
votes_plot <- ggplot(data = data, mapping = aes(x = Votes_r))
votes_plot + geom_histogram(bins = 10)

Features

# Density of each gathered column (Status through Votes), one facet per column,
# coloured by Phase.
# NOTE(review): Phase lies inside the Status:Votes range, so it is gathered
# into the x/y pair itself, and `data$Phase` supplies one value per original
# row rather than per gathered row — confirm this chunk runs as intended.
# NOTE(review): the gathered columns are factors, while geom_density() expects
# a continuous x — verify, or plot the *_r columns instead.
gather(data, x, y, Status:Votes) %>%
  ggplot(aes(x = y, color = as.factor(data$Phase), fill = as.factor(data$Phase))) +
    geom_density(alpha = 0.3) +
    facet_wrap( ~ x, scales = "free", ncol = 3)

Machine learning packages for r

Caret

#install.packages("doParallel")
library(doParallel)
# Start one worker per detected core and register the cluster as the foreach
# parallel backend.
# NOTE(review): no stopCluster(cl) is visible in this part of the notebook —
# confirm the workers are shut down when the analysis finishes.
worker_count <- detectCores()
cl <- makeCluster(worker_count)
registerDoParallel(cl)

library(caret)

Training, validation and test data

# Seeded 70/30 split on the Votes column; the training part is printed for
# inspection.
set.seed(42)
index <- createDataPartition(y = data$Votes, p = 0.7, list = FALSE)
train_data <- data[index, ]
test_data <- data[-index, ]
train_data

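# Compare the train and test distributions column by column.
# The original selection (`train_data$Votes:train_dataStatus`) referenced an
# undefined object and is not a column range. The integer-coded *_r columns are
# selected by name instead, so geom_density() receives numeric values.
# Assumes Status_r ... Comments_r are still adjacent columns, in the order they
# were added to `data` — confirm before relying on the plot.
bind_rows(
  data.frame(group = "train", train_data),
  data.frame(group = "test", test_data)
) %>%
  gather(x, y, Status_r:Comments_r) %>%
  ggplot(aes(x = y, color = group, fill = group)) +
    geom_density(alpha = 0.3) +
    facet_wrap(~ x, scales = "free", ncol = 3)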

Regression

# glm on Votes through caret, with scaled and centred predictors, evaluated by
# 4-fold cross-validation repeated 10 times.
set.seed(42)
glm_control <- trainControl(
  method = "repeatedcv",
  number = 4,
  repeats = 10,
  savePredictions = TRUE,
  verboseIter = FALSE
)
# Status appears twice in the formula, exactly as in the original call.
model_glm <- caret::train(
  Votes ~ Status + Description + Status,
  data = train_data,
  method = "glm",
  preProcess = c("scale", "center"),
  trControl = glm_control
)

model_glm

predicting the model

# Apply the fitted glm to the held-out rows.
predictions <- predict(
  object = model_glm,
  newdata = test_data
)

Classification

library(rpart)
library(rpart.plot)

# Classification tree on Votes, grown without complexity pruning (cp = 0),
# with at least 2 observations per leaf and 10 cross-validations, splitting on
# information gain.
set.seed(42)
tree_control <- rpart.control(xval = 10, minbucket = 2, cp = 0)
fit <- rpart(
  Votes ~ Status + Description + Status,
  data = train_data,
  method = "class",
  control = tree_control,
  parms = list(split = "information")
)

rpart.plot(fit, extra = 100)

Random forest

#install.packages("kernlab")
#install.packages("caret")
#install.packages("tm")
#install.packages("dplyr")
#install.packages("splitstackshape")
#install.packages("e1071")

library("kernlab") 
library("caret") 
library("tm") 
library("dplyr") 
library("splitstackshape")
library("e1071")

Create a new data frame and split it to get the training and test data, which can then be used as a VCorpus. To import a data frame with the DataframeSource function, the data must be formatted so that the first column is named doc_id and the second column is named text. In this case we select only two columns from the data: Name (as doc_id) and Comments (as text).

# Build the two-column frame that DataframeSource() reads: the CVE name
# becomes `doc_id` and the reviewer comments become `text`.
# NOTE(review): str(data) showed both columns as factors; confirm tm
# receives the comment strings rather than factor codes (as.character()
# would make that explicit).
df <- select(data, doc_id = Name, text = Comments)
head(df)

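# 70/30 split of the text frame. Seeded like the other partition and
# training steps in this notebook so the same rows are selected on every
# run.
# The split is stratified on the free-text comment column, so a stratum can
# hold a single row; that is what caret's "Some classes have a single
# record" warning reports.
set.seed(42)
index <- createDataPartition(df$text, p = 0.7, list = FALSE)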
Some classes have a single record ( Baker> Although newer versions on snmp are not as vulnerable as prior versions,  |    this can still be a significant risk of exploitation, as seen in recent  |    attacks on snmp services via automated worms  |    Christey> XF:snmp(132) ?  |    Prosser> This fits the "exposure" description although we also know there are many vulnerabilities in SNMP.  This is more of a policy/best practice issue for administrators.  If you need SNMP lock it down as tight as you can, if you don't need it, don't run it., Balinsky> Don't know what this is.  Is this the LIST Core dump vulnerability?  |    Christey> Need to add more references and details., Blake> RHSA-1999:017-01 describes "potential security problem fixed" in the  |    absence of knowing whether or not the problems actually existed, I don't  |    think we have an entry here.  |    Frech> XF:redhat-net-tool-bo, Blake> This obscurely-written advisory seems to state that COAS will make the  |    file world-readable, not that it allows the user to make it so.  I hardly  |    think that allowing the user to turn off security is a vulnerability.  |    Christey> It's difficult to write the description based on what's in  |    the advisory.  If COAS inadvertently changes permissions  |    without user confirmation, then it should be ACCEPTed with  |    appropriate modification to the description.  
|    Christey> ADDREF BID:137  |    CHANGE> [Armstrong changed vote from REVIEWING to NOOP], CHANGE> [Frech changed vote from REVIEWING to ACCEPT], CHANGE> [Frech changed vote from REVIEWING to MODIFY]  |    Frech> XF:access-weak-passwords(1774)  |    An older published reference (from our own Adam) would be  |    better:  |    ailab.coderpunks Newsgroup, 1998/06/23 "Re: MS Access 2.0"  |    http://x15.dejanews.com/[ST_rn=ps]/getdoc.xp?AN=365308578&CONTEXT=9192  |    07028.1462108427&hitnum=1, CHANGE> [Frech changed vote from REVIEWING to MODIFY]  |    Frech> XF:ascend-config-kill(889)  |    XF:cisco-ios-crash(1238)  |    XF:webramp-remote-access(1670)  |    XF:ascom-timeplex-debug(1824)  |    XF:netopia-unpassworded(1850)  |    XF:cisco-web-crash(1886)  |    XF:cisco-router-commands(1951)  |    XF:motorola-cable-default-pass(2002)  |    XF:default-flowpoint(2091)  |    XF:netgear-router-idle-dos(4003)  |    XF:cisco-cbos-telnet(4251)  |    XF:routermate-snmp-community(4290)  |    XF:cayman-router-dos(4479)  |    XF:wavelink-authentication(5185)  |    XF:ciscosecure-ldap-bypass-authentication(5274)  |    XF:foundry-firmware-telnet-dos(5514)  |    XF:netopia-view-system-log(5536)  |    XF:cisco-webadmin-remote-dos(5595)  |    XF:cisco-cbos-web-access(5626)  |    XF:netopia-telnet-dos(6001)  |    XF:cisco-sn-gain-access(6827)  |    XF:cayman-dsl-insecure-permissions(6841)  |    XF:linksys-etherfast-reveal-passwords(6949)  |    XF:zyxel-router-default-password(6968)  |    XF:cisco-cbos-web-config(7027)  |    XF:prestige-wan-bypass-filter(7146)  |    Christey> I changed the description to make it more explicit that this  |    candidate is about router configuration, as opposed to  |    vulnerabilities that accidentally make a configuration  |    service accessible to anyone., CHANGE> [Frech changed vote from REVIEWING to MODIFY]  |    Frech> XF:linux-autofs-bo(8365), CHANGE> [Frech changed vote from REVIEWING to MODIFY]  |    Frech> XF:linux-ports-dos(8364), Christey> 
A Bugtraq posting indicates that the bug has to do with  |    "short packets with certain options set," so the description  |    should be modified accordingly.  |      |    But is this the same as CVE-1999-0052?  That one is related  |    to nestea (CVE-1999-0257) and probably the one described in  |    BUGTRAQ:19981023 nestea v2 against freebsd 3.0-Release  |    The patch for nestea is in ip_input.c around line 750.  |    The patches for CVE-1999-0001 are in lines 388&446.  So,   |    CVE-1999-0001 is different from CVE-1999-0257 and CVE-1999-0052.  |    The FreeBSD patch for CVE-1999-0052 is in line 750.  |    So, CVE-1999-0257 and CVE-1999-0052 may be the same, though  |    CVE-1999-0052 should be RECAST since this bug affects Linux  |    and other OSes besides FreeBSD.  |    Frech> XF:teardrop(338)  |    This assignment was based solely on references to the CERT advisory.  |    Christey> The description for BID:190, which links to CVE-1999-0052 (a  |    FreeBSD advisory), notes that the patches provided by FreeBSD in  |    CERT:CA-1998-13 suggest a connection between CVE-1999-0001 and  |    CVE-1999-0052.  CERT:CA-1998-13 is too vague to be sure without  |    further analysis., Christey> A content decision (CD:CF-DATA) needs to be reviewed  |    and accepted by the Editorial Board in order to resolve  |    this question., Christey> Add "back door" to description., Christey> Add "X11" to facilitate search., Christey> ADDREF BID:1441  |    URL:http://www.securityfocus.com/bid/1441  |    Dik> If you run with "-ypset", then you're always insecure.  |    With ypsetme, only root on the local host  |    can run ypset in Solaris 2.x+.  |    Probably true for SunOS 4, hence my vote.  |    CHANGE> [Frech changed vote from REVIEWING to MODIFY]  |    Frech> ADDREF XF:ypbind-ypset-root  |    CHANGE> [Dik changed vote from REVIEWING to ACCEPT]  |    Dik> This vulnerability does exist in SunOS 4.x in non default configurations.  
|    In Solaris 2.x, the vulnerability only applies to files named "cache_binding"  |    and not all files ending in .2  |    Both releases are not vulnerable in the default configuration (both  |    disabllow ypset by default which prevents this problem from occurring), Christey> ADDREF CIAC:J-043  |    URL:http://ciac.llnl.gov/ciac/bulletins/j-043.shtml  |    Also add "banner" to the description to facilitate search.  |    Baker> Should be in place where ever it is possible, Christey> aka "shell" on UNIX systems (at least Solaris) in the  |    /etc/inetd.conf file.  |    Frech> associated to:  |    XF:nt-rlogin(92)   |    XF:rsh-svc(114)  |    XF:rshd(2995), Christey> BID:1760  |    URL:http://www.securityfocus.com/bid/1760  |    Frech> XF:unitymail-web-dos(1630), Christey> BID:276  |    URL:http://www.securityfocus.com/vdb/bottom.html?vid=276  |    Frech> XF:novell-tts-dos, Christey> BUGTRAQ:19961126 Security Problems in XMCD 2.1  |    A followup to this post says that xmcd is not suid here., Christey> change description - anyone can log on *as* root  |    Frech> (Note: this XF also cataloged under CVE-1999-0508.), Christey> CVE-1999-0287 is probably a duplicate of CVE-1999-0467.  In  |    NTBUGTRAQ:19990409 Webcom's CGI Guestbook for Win32 web servers  |    Mnemonix says that he had previously reported on a similar  |    problem.  Let's refer to the NTBugtraq posting as  |    CVE-1999-0467.  We will refer to the "previous report" as  |    CVE-1999-0287, which can be found at:  |    http://oliver.efri.hr/~crv/security/bugs/NT/httpd41.html  |      |    0287 describes an exploit via the "template" hidden variable.  |    The exploit describes manually editing the HTML form to  |    change the filename to read from the template variable.  |      |    The exploit as described in 0467 encodes the template variable  |    directly into the URL.  
However, hidden variables are also  |    encoded into the URL, which would have looked the same to  |    the web server regardless of the exploit.  Therefore 0287  |    and 0467 are the same.  |    Christey>    |    The CD:SF-EXEC content decision also applies here.  We have 2  |    programs, wguest.exe and rguest.exe, which appear to have the  |    same problem.  CD:SF-EXEC needs to be accepted by the Editorial  |    Board before this candidate can be converted into a CVE  |    entry.  When finalized, CD:SF-EXEC will decide whether  |    this candidate should be split or not.  |    Christey> BID:2024, Christey> CVE-1999-0948 and CVE-1999-0949 are extremely similar.  |    uum (0948) is exploitable through a different set of options  |    than canuum (0949).  If it's the same generic option parsing  |    routine used by both programs, then CD:SF-CODEBASE says to  |    merge them.  But if it's not, then CD:SF-LOC and CD:SF-EXEC  |    says to split them.  Ho
# Split the doc_id/text frame by the partition index. This reuses the names
# train_data / test_data, so the partitions created for the earlier models
# are overwritten from here on.
train_data <- df[index, , drop = FALSE]
test_data  <- df[-index, , drop = FALSE]
train_data

1. Ingest your training data and clean it.


# Load the training comments into a volatile corpus and normalise the text:
# collapse whitespace, lower-case, then drop digits and punctuation.
#
# Dropping digits and punctuation also strips the structure out of
# identifiers and URLs. The term list printed for this corpus shows the
# result: a bare `cve` term and run-together tokens such as
# `confirmftpftpscocomssessetarz`. If CVE identifiers or reference URLs
# should be usable as features, extract them before these two steps.
train <- VCorpus(
  DataframeSource(train_data),
  readerControl = list(language = "English")
) %>%
  tm_map(content_transformer(stripWhitespace)) %>%
  tm_map(content_transformer(tolower)) %>%
  tm_map(content_transformer(removeNumbers)) %>%
  tm_map(content_transformer(removePunctuation))
  1. Create a document-term matrix for the training data
# Count term occurrences per document. wordLengths = c(1, Inf) keeps terms
# of every length, including single characters. as.matrix() expands the
# document-term matrix into an ordinary dense matrix with one column per
# term.
train.dtm <- train %>%
  DocumentTermMatrix(control = list(wordLengths = c(1, Inf))) %>%
  as.matrix()
train.dtm
                                                                      Terms
Docs                                                                    a able abnormally about above absence absolutely abstain abstraction accept
                                                                      Terms
Docs                                                                   acceptable accepted accepting access accessed accessible accidentally
                                                                      Terms
Docs                                                                   accomplish accomplished according accordingly account accounts acknowledge
                                                                      Terms
Docs                                                                   acknowledged acknowledgement acquired across acted acting action actions
                                                                      Terms
Docs                                                                   active activex activities actual actually adam adapted add added adding
                                                                      Terms
Docs                                                                   addition additional addref addrefxfelmfilter address addressed addresses
                                                                      Terms
Docs                                                                   addressing admin admind administrator administrators admins advanced
                                                                      Terms
Docs                                                                   advisories advisory affect affected affects after again against agree ah
                                                                      Terms
Docs                                                                   ailabcoderpunks aix aka ala albeit aleph alert alias alibaba alibabapl all
                                                                      Terms
Docs                                                                   allaire allman allow allowed allowing allows alluded alludes almost along
                                                                      Terms
Docs                                                                   alpha already also altering alternately although always am ambiguous amount
                                                                      Terms
Docs                                                                   an analysis ancient and andor andre andres announcements anon anonymously
                                                                      Terms
Docs                                                                   another any anymore anyone anything anyway anywhere aol apache apars apparent
                                                                      Terms
Docs                                                                   apparently appear appears appended appending application applicationlevel
                                                                      Terms
Docs                                                                   applications applied applies apply appreciate appreciated appropriate
                                                                      Terms
Docs                                                                   approved apps april arbitrary archive archives are area arena arent argue
                                                                      Terms
Docs                                                                   argument arises arithmetic armstrong arne arnes around arp array article
                                                                      Terms
Docs                                                                   articles as asb ascend ash ask asked assign assigned assigning assignment
                                                                      Terms
Docs                                                                   associated assume assuming assumption at ataris attached attachment attack
                                                                      Terms
Docs                                                                   attacked attacker attackers attackexploit attacks attempt attempted attempts
                                                                      Terms
Docs                                                                   audio august auscert auscertaa authentication author authorized authors
                                                                      Terms
Docs                                                                   automated available back backdoors bad baker balinsky banner base based
                                                                      Terms
Docs                                                                   basement bash basically bauuibkacatmaticbuglisthtm be because becomes been
                                                                      Terms
Docs                                                                   before begins behavior being believe believed belive belong below bernstein
                                                                      Terms
Docs                                                                   berstein besides best beta better between beyond bid biggest bill bishop bit
                                                                      Terms
Docs                                                                   blake blamed blank bmc bo board bogus boguspl boink bollinger bomb bonk bonkc
                                                                      Terms
Docs                                                                   bootp bootpd bootpdc border bored bos both bother boundaries box boxes brian
                                                                      Terms
Docs                                                                   brief broad broswer browser browsing bsd bsdi bsdos btw buffer bug bugs
                                                                      Terms
Docs                                                                   bugtgraq bugtraq bugtraqjan builtin bulletin bulletins burnett burnetts but
                                                                      Terms
Docs                                                                   by bypasscircumvention bypassestricks byte bytecode c ca cachebinding
                                                                      Terms
Docs                                                                   calculation calderacssa call called calling came campaign can candidate
                                                                      Terms
Docs                                                                   candidates canna cannot canonicalize cans cant canuum capability capable
                                                                      Terms
Docs                                                                   captures cardinality cards carefully carts case cases casper caspers caswell
                                                                      Terms
Docs                                                                   cataloged category cause caused causes cc ccwhoismeta cdcfdata cdcfpass
                                                                      Terms
Docs                                                                   cddiscoverydate cde cdhighcard cdrom cdsfcodebase cdsfexec cdsfloc ce cert
                                                                      Terms
Docs                                                                   certain certca certcardist certvb cf cfinger cfm cgi cgibin cgidatainwebtree
                                                                      Terms
Docs                                                                   cgis change changed changelog changelogs changeref changes changing character
                                                                      Terms
Docs                                                                   characteristics characters check checking checks checksum chkperm choices
                                                                      Terms
Docs                                                                   choosing christey christeys christmas ciac ciacf ciacg ciach ciacia ciacj
                                                                      Terms
Docs                                                                   ciel circa circumvents cisco ciscosecure cite claim claiming claims
                                                                      Terms
Docs                                                                   clarification clarify class clear clearer clearly cleartext client
                                                                      Terms
Docs                                                                   clientserver clientside clipboard close closely closest cluster coas code
                                                                      Terms
Docs                                                                   codebase codebases codebrwasp coexistence cole com combinations combine
                                                                      Terms
Docs                                                                   combined combines combining come coming commands comment commented comments
                                                                      Terms
Docs                                                                   commodore common community companies company competition complain complete
                                                                      Terms
Docs                                                                   completely complicate component compromise compulink computer coms concern
                                                                      Terms
Docs                                                                   concerns concur conditions conference confidence configuration
                                                                      Terms
Docs                                                                   configurationrelated configurations configured confirm confirmation confirmed
                                                                      Terms
Docs                                                                   confirmftpftpscocomssessetarz
                                                                      Terms
Docs                                                                   confirmhttpwwwsecurityfocuscomframescontenttemplatesarchivepikeflistdmsgdqmailsecurityfocuscom
                                                                      Terms
Docs                                                                   confirms confused confusing confusion conjunction connected connection
                                                                      Terms
Docs                                                                   connections consequences consequently consider consideration considered
                                                                      Terms
Docs                                                                   considering consist consistency consistent constitute construct constructed
                                                                      Terms
Docs                                                                   construction consultation consulting consume contain contains content
                                                                      Terms
Docs                                                                   contentlength contenttype control controlittm controlled converted cookie
                                                                      Terms
Docs                                                                   cookies copied copy core corollary correct corrected correctly could count
                                                                      Terms
Docs                                                                   cover covered covers crash crazy create created creates creation criteria
                                                                      Terms
Docs                                                                   critical cross crossframe crossing crossreferenced cs cstm current currently
                                                                      Terms
Docs                                                                   cve cybercop d dacread daemon dan data database databases datagram date dated
                                                                      Terms
Docs                                                                   dates dave david day days ddatedmsgdebaedatashopperdk deals death debatable
                                                                      Terms
Docs                                                                   debate debian debians debug debugging dec december decide decision decisions
                                                                      Terms
Docs                                                                   deep deerfield default defaults defect defensive defer define defined defines
                                                                      Terms
Docs                                                                   defining definition delay delete delref delrefxfelmfilter demand denial
                                                                      Terms
Docs                                                                   denialofservice denom deny dependent depending depends derivative desc
                                                                      Terms
Docs                                                                   describe described describes describing description descriptionreferences
                                                                      Terms
Docs                                                                   descriptor design detail details detected detection determine determined
                                                                      Terms
Docs                                                                   determines determining devastated device df dgux diagnostics dicsovery
                                                                      Terms
Docs                                                                   dictate did didnt difference differences different differentiate diffferent
                                                                      Terms
Docs                                                                   difficult dig digging dik diks direct directly directories directory
                                                                      Terms
Docs                                                                   directorypaths disabllow disagree discloser disclosure discontinued
                                                                      Terms
Docs                                                                   discovered discovery discrete discretion discuss discussed discusses
                                                                      Terms
Docs                                                                   discussion disk displayopenedfilecfm distinct distinction distinguish
                                                                      Terms
Docs                                                                   distributed distribution distro dns do documentation documented does doesnt
                                                                      Terms
Docs                                                                   dog domain done dont door dos doses dot dotappending down download draft
                                                                      Terms
Docs                                                                   drafting drive drives dtaction dtactionbo dtmail dtmailpr dtmailptr due dump
                                                                      Terms
Docs                                                                   duncan dup dupe duplicate duplicates duplicatesubsumed duration during each
                                                                      Terms
Docs                                                                   earlier early easily easy echo echochargen ecurity editing editorial effect
                                                                      Terms
Docs                                                                   effectively eg either elements elias else email emerging employed enable
                                                                      Terms
Docs                                                                   enabled encoded encodes encryption end ending enforce engine enhancement
                                                                      Terms
Docs                                                                   enough entering enterprise entirely entity entries entry enumerate
                                                                      Terms
Docs                                                                   environmental environments equals equivalent er eric error ers esb esmtp
                                                                      Terms
Docs                                                                   especially establish etc etcinetdconf etcsecuritytcbprivs etcshadow eudora
                                                                      Terms
Docs                                                                   evade evaluator even event eventually ever every everyone evidence exact
                                                                      Terms
Docs                                                                   exactly examination examine example exceeds exec executable executables
                                                                      Terms
Docs                                                                   execute executed exercise exhaustion exhibiting exist existance existed
                                                                      Terms
Docs                                                                   existence existing exists expanded expect experiment expiration expires
                                                                      Terms
Docs                                                                   explain explicit explicitly exploit exploitable exploitation exploited
                                                                      Terms
Docs                                                                   exploiting exploits explorer expn exportable exposing exposure exposures
                                                                      Terms
Docs                                                                   exprcalccfm express expression expstr extend external extreme extremely
                                                                      Terms
Docs                                                                   eyedog f facilitate fact fail failure falls familar far fashion fat feature
                                                                      Terms
Docs                                                                   features feb february feedback feel few ffingerd ffingerds figure file
                                                                      Terms
Docs                                                                   filename filenames files filling final finalized finally find findable fine
                                                                      Terms
Docs                                                                   finger fingerd fingered fingerprinting firewall firewalls first fit fits fix
                                                                      Terms
Docs                                                                   fixed fixes fixing fixup flaw flaws flood flooding floppy foat focus folks
                                                                      Terms
Docs                                                                   follow followed following followon followup followups foojthml for forced
                                                                      Terms
Docs                                                                   form formation formatted forms forthcoming forwarding forwards found frag
                                                                      Terms
Docs                                                                   fragment fragmentation fragmented fragments frech free freebsd fresh from
                                                                      Terms
Docs                                                                   frontend froze frozen ftp ftpanon
                                                                      Terms
Docs                                                                   ftpciacllnlgovpubciacbulletincfycciacsunosnispatch
                                                                      Terms
Docs                                                                   ftpftpauscertorgaupubauscertadvisoryaahpuxremotewatchvul
                                                                      Terms
Docs                                                                   ftpftpauscertorgaupubauscertesbesb
                                                                      Terms
Docs                                                                   ftpftpauscertorgaupubauscertpapersunixsecuritychecklist
                                                                      Terms
Docs                                                                   ftpftpisieduinnotesrfctxt ftpftpscocomssesecuritybulletinssba
                                                                      Terms
Docs                                                                   ftpftpscocomssesecuritybulletinssbb ftpftpscocomssesecuritybulletinssbc
                                                                      Terms
Docs                                                                   ftppatchessgicomsupportfreesecurityadvisoriespx ftpwritabledirectory ftpwrite
                                                                      Terms
Docs                                                                   function functional functionality fundamental further furthermore future g
                                                                      Terms
Docs                                                                   gain gaining games gathering general generate generated generator generators
                                                                      Terms
Docs                                                                   generic georgi get getexe gets getting give given glance gmt godot
                                                                      Terms
Docs                                                                   goexpresscom going gone good got gpinesunadfwdfwnet great greater group
                                                                      Terms
Docs                                                                   groupwise guess guessable guessed guestbook guidance guninski guy hack had
                                                                      Terms
Docs                                                                   hadnt half halt hand handle handlerequest handling handshake happen hardly
                                                                      Terms
Docs                                                                   hardware has hat have havent having he header headeridentical headers helo
                                                                      Terms
Docs                                                                   help hence herbert herbertdebianorg here heres hidden hide hiding high
                                                                      Terms
Docs                                                                   highcard highest highlevel hijacker his hitnum hodgepodge hole horse host
                                                                      Terms
Docs                                                                   hosts hotfix hotmail hour house how however hp hphpsbux hpsbux hpux html http
                                                                      Terms
Docs                                                                   httparchivesneohapsiscomarchivesbugtraqhtml httpcgiccwhois
                                                                      Terms
Docs                                                                   httpcgimattswhoismeta httpcginessusorgpluginsdumpphpid
                                                                      Terms
Docs                                                                   httpciacllnlgovciacbulletinsfshtml httpciacllnlgovciacbulletinshshtml
                                                                      Terms
Docs                                                                   httpciacllnlgovciacbulletinsiashtml httpcryptoqmailvenemahtml
                                                                      Terms
Docs                                                                   httpcvemitreorgboardsponsorsarchivesmsghtml httpeuropesupportexternalhpcom
                                                                      Terms
Docs                                                                   httpfreshmeatnetnewshtml httphqmcafeeasapcomvulnerabilitiesvulndataasp
                                                                      Terms
Docs                                                                   httplinuxxlockexploittxt httpmarctheaimsgroupcomlbugtraqmw
                                                                      Terms
Docs                                                                   httpmarctheaimsgroupcomlntbugtraqmw httpmarctheaimsgroupcomlvulndevmw
                                                                      Terms
Docs                                                                   httpmdaemondeerfieldcomhelpdeskhotfixcfm httpncsalongurl
                                                                      Terms
Docs                                                                   httpoliverefrihrcrvsecuritybugsnthttpdhtml httppltplpnetippldocshistory
                                                                      Terms
Docs                                                                   httpport httprouteripanytext
                                                                      Terms
Docs                                                                   httpsunsolvesuncompubcgiretrievepldoctypecolldocsecbulltypenavsecsba
                                                                      Terms
Docs                                                                   httpsupportmicrosoftcomsupportkbarticlesqasp httpussupportexternalhpcom
                                                                      Terms
Docs                                                                   httpwuarchivewustledumirrorsnetbsdnetbsdcurrentpkgsrcinputmethodcanuumreadmehtml
                                                                      Terms
Docs                                                                   httpwwwallairecomhandlersindexcfmid httpwwwauscertorgau
                                                                      Terms
Docs                                                                   httpwwwcertorgadvisoriescahtml httpwwwcertorgftpcertbulletinsvbaelm
                                                                      Terms
Docs                                                                   httpwwwcertorgvendorbulletinsvbaelm httpwwwcertorgvendorbulletinsvbhp
                                                                      Terms
Docs                                                                   httpwwwciscocomwarppubliciostelnetoptpubshtml httpwwwdebianorgsecuritya
                                                                      Terms
Docs                                                                   httpwwwgeocrawlercomarchives
                                                                      Terms
Docs                                                                   httpwwwibmcomservicescontinuityrecovernsfadvisoriesaebffefileersoaretxt
                                                                      Terms
Docs                                                                   httpwwwipnsacomipnsavulnhtmstep httpwwwlarvenetippl
                                                                      Terms
Docs                                                                   httpwwwmicrosoftcomsecuritybulletinsmsasp
                                                                      Terms
Docs                                                                   httpwwwomnicronabcahttpddocsreleasehtml httpwwwomnicronabcaindexhtml
                                                                      Terms
Docs                                                                   httpwwwornlgovitsarchivesmailinglistsqmailthreadshtml
                                                                      Terms
Docs                                                                   httpwwwquikstorecomhelppagesconfigurationconfigparametersfullhtm
                                                                      Terms
Docs                                                                   httpwwwquikstorecomhelppagessecuritysecurityhtm
                                                                      Terms
Docs                                                                   httpwwwredhatcomsupporterratarherratageneralhtmlbootp httpwwwsecurityfocuscom
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomarchive httpwwwsecurityfocuscombid
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomfocusmicrosoftiisshowcodehtml
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomframescontenttemplatesarchivepikeflist
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesadvisoryhtmlid
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdate
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdatems
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdatemsghjibxnojlaccojp
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdatemsgpinebsfqaapollotomconet
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdatemsgpinelnxjundergroundorg
                                                                      Terms
Docs                                                                   httpwwwsecurityfocuscomtemplatesarchivepikelistdatethreadkaabedbugsnetohiostateedu
                                                                      Terms
Docs                                                                   httpwwwsendmailorgcaemailspamhtml
                                                                      Terms
Docs                                                                   httpwwwsuncomsoftwarejwebservertechinfojwsinfohtml
                                                                      Terms
Docs                                                                   httpwwwsuncomsoftwarejwebservertechinfosecurityadvisoryhtml
                                                                      Terms
Docs                                                                   httpwwwtechnotroniccomrhinoadvisorieshtm httpwwwwftpdcom
                                                                      Terms
Docs                                                                   httpxdejanewscomstrnpsgetdocxpancontext httpxforceissnetalertsadvisephp
                                                                      Terms
Docs                                                                   httpxforceissnetstaticphp htype hÿbner  i iana iceberg icenewk icmp id idea
                                                                      Terms
Docs                                                                   ideas identical identification identified identifies identify identifying
                                                                      Terms
Docs                                                                   identity idnet ids ie if iirc iis iisfix ilk ill im img impact impacted
                                                                      Terms
Docs                                                                   implementation implementations implements implicitly implies important
                                                                      Terms
Docs                                                                   impractical improper improperly in inability inadvertently inappropriate
                                                                      Terms
Docs                                                                   inasmuch incident incidentally include included includes including inclusion
                                                                      Terms
Docs                                                                   inconsequential incorrect increase increasing incredibly independent
                                                                      Terms
Docs                                                                   independently index indicate indicated indicates indications individual
                                                                      Terms
Docs                                                                   individually inetdconf inferred infinite info information infovulnerability
                                                                      Terms
Docs                                                                   initial initially injected inpopd input insecure inside installed instance
                                                                      Terms
Docs                                                                   instances instant instead insufficient intact intended intends intent
                                                                      Terms
Docs                                                                   intention intentionally interaction interest interesting interface internet
                                                                      Terms
Docs                                                                   interpretations interpreted interpreters into intrinsic introduce introduced
                                                                      Terms
Docs                                                                   invalid involved involves involving ios ip ipfragmentc ipinputc ippl iptcp
                                                                      Terms
Docs                                                                   irc ircd irix is isnt isolate isps iss isshidden issue issued issues it item
                                                                      Terms
Docs                                                                   its itself ive j january japanese java javascript jet jim jolt july june just
                                                                      Terms
Docs                                                                   justiying jws kb kcmsconfigure keep keeping kernel kevins key keys keywords
                                                                      Terms
Docs                                                                   kill kills kind kit know knowing knowledge knowledgeable known ksh lack
                                                                      Terms
Docs                                                                   landfield language large larger laserfiche last late later latest launching
                                                                      Terms
Docs                                                                   laundry lcmessages lead leads least leave leaving leblanc lemson length less
                                                                      Terms
Docs                                                                   let lets letters level levy levys libc libdtsvca liberally libnsl libnslso
                                                                      Terms
Docs                                                                   libpcap library light like likely limit limited limits line lines linii link
                                                                      Terms
Docs                                                                   linked links linux linuxsecurity linuxsuperbo linuxsuperloggingbo list listed
                                                                      Terms
Docs                                                                   listings lists little loa loadmodule loadmodulemodload local location lock
                                                                      Terms
Docs                                                                   locking lockout lockouts log logged logging logins loginscheme logon long
                                                                      Terms
Docs                                                                   longer look looked looking looks lookup loop loosely lot lots lotus low
                                                                      Terms
Docs                                                                   lowercase lpd lpht lpstat lucy m machine machines machineservice made madness
                                                                      Terms
Docs                                                                   mail mailing maintained maintaining make making malformed malicious
                                                                      Terms
Docs                                                                   malllogfilesorderlog man management manager manifests manner manually many
                                                                      Terms
Docs                                                                   mapping mappings march mark marked markus match matches matching materially
                                                                      Terms
Docs                                                                   may maybe mdaemon me mean meaningless means meant meantime measurable media
                                                                      Terms
Docs                                                                   meet memory mention mentioned mentions merge merged merging merry message
                                                                      Terms
Docs                                                                   messages messanger messenger metacharacter metacharacters metachars method
                                                                      Terms
Docs                                                                   methods meunier microsft microsoft microsoftiis microsofts might mike mikes
                                                                      Terms
Docs                                                                   mime minimum minor misc mischttpoliverefrihrcrvsecuritybugslinuxipfraghtml
                                                                      Terms
Docs                                                                   mischttppulhasorgxploitsdbmunixesadmindhtml mischttppulhasxploitsdbntiishtml
                                                                      Terms
Docs                                                                   mischttpsecurityarchivemertonoxacukntsecurityhtml
                                                                      Terms
Docs                                                                   mischttpwwwinsecureorgnmapnmapfingerprintingarticlehtml
                                                                      Terms
Docs                                                                   mischttpwwwsecurityfocuscominfocus missing mk mktemp mnemonix mode model
                                                                      Terms
Docs                                                                   modem modems modes modification modifications modified modify modifying
                                                                      Terms
Docs                                                                   modules moment monitored monitoring month more moreover most mount mpras ms
                                                                      Terms
Docs                                                                   msg msgpinelnxviteluscom mshtml msiebo mskb mskbq msms msrc mstm mtu much
                                                                      Terms
Docs                                                                   mulitple multifaceted multihomed multiple must my n nai name named names
                                                                      Terms
Docs                                                                   narrower nat natural nature nay ncode ncr necessarily necessarly necessary
                                                                      Terms
Docs                                                                   need needed needs neither nestea nesteanesteav netbios netbsd netbsdnetbsdsa
                                                                      Terms
Docs                                                                   netkitftp netmask netpath netstd netstdslinkdiff network networks never new
                                                                      Terms
Docs                                                                   newer news newsgroup newtear nfr nfs nix nixs nlspath nmap no nobody nobuo
                                                                      Terms
Docs                                                                   non nonalphanumeric nonanon noncritical nondefault nonstandard nonswitched
                                                                      Terms
Docs                                                                   noop nor normalize normally northcutt nosuchfilepl not notation note noted
                                                                      Terms
Docs                                                                   notes nothing notice novell now nslpath nt ntbased ntbugtraq ntfs null number
                                                                      Terms
Docs                                                                   numbers numerous object objection obscure obscurelywritten obsolete obtain
                                                                      Terms
Docs                                                                   obtained occurance occurred occurring occurs oct odd of off offensive
                                                                      Terms
Docs                                                                   official offline offset often okay old older on once one ones only onthefly
                                                                      Terms
Docs                                                                   openbsd openfilecfm opening openserver opensever openssh openwindow operating
                                                                      Terms
Docs                                                                   opinion opposed option options or order orderlogdat orderlogvdat original
                                                                      Terms
Docs                                                                   originally os oses osfs osicom oss other others our out outlook output
                                                                      Terms
Docs                                                                   outside over overflow overflows overlap overlapping overly oversized
                                                                      Terms
Docs                                                                   overwhelm overwrite overwriting own owner ozancin p package packages packet
                                                                      Terms
Docs                                                                   packets page pages palm palmetto palmos paper paragraph parent parsing part
                                                                      Terms
Docs                                                                   particular parties partition parts party pascal passfilt passive password
                                                                      Terms
Docs                                                                   passwords past paste patch patchd patched patches patching path pathlocale
                                                                      Terms
Docs                                                                   pathnames patrol pattern payload pdf peculiar pending people per performance
                                                                      Terms
Docs                                                                   perhaps period periodic perl permission permissions permit persist person
                                                                      Terms
Docs                                                                   perspective pertain pertains pervious pf phf philosophy phpfi phrase phrasedm
                                                                      Terms
Docs                                                                   physical pilots ping pingicmp pipes pkg pkgcat pkginfio

Repeating steps 1 and 2 on the test data

# Build the test corpus and normalise its text. Presumably this mirrors the
# training-corpus preprocessing, which is not visible here - TODO confirm.
test <- VCorpus(
  DataframeSource(test_data),
  readerControl = list(language = "English")
)
# Applied in this order: collapse whitespace, lower-case, drop digits, drop
# punctuation. Dropping punctuation fuses a URL into one long token.
cleaners <- list(stripWhitespace, tolower, removeNumbers, removePunctuation)
for (cleaner in cleaners) {
  test <- tm_map(test, content_transformer(cleaner))
}
# wordLengths = c(1, Inf) keeps every token, including one-letter terms.
test.dtm <- as.matrix(
  DocumentTermMatrix(test, control = list(wordLengths = c(1, Inf)))
)

Converting into data frames

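# Restrict both matrices to the terms they have in common so the model is
# trained and scored on the same features. The shared vocabulary is computed
# once, which gives both frames the same columns in the same order, and
# drop = FALSE keeps a matrix even when only one term is shared.
shared_terms <- intersect(colnames(train.dtm), colnames(test.dtm))
stopifnot(length(shared_terms) > 0)
train.df <- data.frame(train.dtm[, shared_terms, drop = FALSE])
test.df <- data.frame(test.dtm[, shared_terms, drop = FALSE])
head(train.df)

# The training label is the part of each row name before the first "_".
label.df <- data.frame(row.names(train.df))
colnames(label.df) <- c("filenames")
label.df <- cSplit(label.df, "filenames", sep = "_", type.convert = FALSE)
train.df$corpus <- label.df$filenames_1
# Constant placeholder so the test frame also carries a `corpus` column.
test.df$corpus <- c("Neg")
head(test.df)

df.train <- train.df
# The earlier `df.test <- train.df` was overwritten before use and is dropped.
df.test <- test.df
# NOTE(review): the recorded run ended with "object 'df.model' not found", so
# this fit did not complete there. Confirm that the package providing ksvm()
# is attached and that `corpus` has a type ksvm() accepts as a class label.
df.model <- ksvm(corpus ~ ., data = df.train, kernel = "rbfdot")
df.pred <- predict(df.model, df.test)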
Error in predict(df.model, df.test) : object 'df.model' not found
---
title: "R Notebook"
output: html_notebook
---


```{r}


# Point the session at the folder holding the CVE export. Inside a notebook
# chunk the change only lasts until the chunk finishes running.
project_dir <- "C:/Users/v-tech/Desktop/samples/cve-common-vulnerabilities-and-exposures (1)"
setwd(project_dir)
#getwd()
```

```{r}
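# Load the CVE export by full path instead of calling setwd(): a working
# directory set inside a notebook chunk is reset when the chunk ends.
cve_dir <- "C:/Users/v-tech/Desktop/samples/cve-common-vulnerabilities-and-exposures (1)"
# stringsAsFactors is explicit because the later chunks call unclass() on
# these columns and expect integer factor codes; since R 4.0 read.csv()
# returns character columns by default, which would break that step.
# NOTE(review): skip = 2 may still leave preamble text from the export in the
# first rows (rows with an empty Status) - inspect head(data) before modelling.
data <- read.csv(
  file.path(cve_dir, "CVE.csv"),
  header = TRUE,
  skip = 2,
  stringsAsFactors = TRUE
)
head(data)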
```

```{r}
# Print each column's type and first values; the unclass() step further down
# relies on the text columns being factors at this point.
str(data)

```
 
```{r}
# Count NA cells across the whole data frame.
# NOTE(review): blank fields that were read as the "" factor level are not NA,
# so a result of 0 here does not mean every field is populated - verify.
sum(is.na(data))
```
 
 Converting the factor columns to numeric codes
 
```{r}
# Add a "<column>_r" copy of each factor column holding its integer level
# codes. unclass() only strips the factor class, so the codes follow the level
# order and carry no numeric meaning of their own.
factor_columns <- c(
  "Status", "Description", "References", "Phase", "Votes", "Comments"
)
for (column_name in factor_columns) {
  data[[paste0(column_name, "_r")]] <- unclass(data[[column_name]])
}

head(data)
```

```{r}
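# Linear model of the vote code on the raw factor predictors, fitted on all
# rows. Columns are named bare so that `data =` supplies them; writing
# `data$...` inside the formula bypasses `data =` and makes a later
# predict(newdata = ...) ignore the new rows.
# NOTE(review): Description and References have almost as many levels as
# there are rows, so this fit is likely close to saturated - confirm.
lnm_fit <- lm(Votes_r ~ Description + Status + References, data = data)
summary(lnm_fit)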

```


```{r}

# Random 75% / 25% split of the rows into training and hold-out sets.
# No seed is set in this chunk, so the split differs from run to run.
n_training <- floor((nrow(data) / 4) * 3)
positions <- sample(nrow(data), size = n_training)
training <- data[positions, ]
testing <- data[-positions, ]


```

Linear model
```{r}

# Baseline: a single linear model on the coded columns, scored by RMSE on the
# hold-out rows.
lm_fit <- lm(
  formula = Votes_r ~ Description_r + Status_r + References_r,
  data = training
)
predictions <- predict(lm_fit, newdata = testing)
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error

```

Bagging function
```{r}
# Bagged linear model: fit `iterations` models, each on a random sixth of the
# training rows, and average their hold-out predictions.
library(foreach)
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  # Rows are drawn without replacement and taken in ascending row order.
  bag_rows <- sort(
    sample(nrow(training), size = floor((nrow(training) / length_divisor)))
  )
  lm_fit <- lm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[bag_rows, ]
  )
  predict(lm_fit, newdata = testing)
}
# One column per bagged model; the row mean is the ensemble prediction.
predictions <- rowMeans(predictions)
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error

```
Creating the First Ensemble
Using Random Forest
```{r}
#install.packages("randomForest")
library(randomForest)
# Random forest with 500 trees on the same three coded predictors, scored by
# RMSE on the hold-out rows.
rf_fit <- randomForest(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training,
  ntree = 500
)
predictions <- predict(rf_fit, newdata = testing)
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error

```

first ensemble

```{r}
# First ensemble: the average of the bagged linear model and a random forest.
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  # Each bag is a random sixth of the training rows, in ascending row order.
  bag_rows <- sort(
    sample(nrow(training), size = floor((nrow(training) / length_divisor)))
  )
  lm_fit <- lm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[bag_rows, ]
  )
  predict(lm_fit, newdata = testing)
}
lm_predictions <- rowMeans(predictions)

library(randomForest)
rf_fit <- randomForest(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training,
  ntree = 500
)
rf_predictions <- predict(rf_fit, newdata = testing)

# Equal-weight blend of the two models, scored by hold-out RMSE.
predictions <- (lm_predictions + rf_predictions) / 2
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error
```
improving ensemble

```{r}
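# Re-weight the blend 1:9 in favour of the random forest and recompute the
# hold-out RMSE.
predictions <- (lm_predictions + rf_predictions * 9) / 10
# The residual is Votes_r minus the blended prediction. The previous
# `testing$votes_rpredictions` named a column that does not exist; that
# evaluates to NULL, so the reported error was 0 whatever the model did.
error <- sqrt((sum((testing$Votes_r - predictions)^2)) / nrow(testing))
error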
```

Replacing the linear model with a support vector machine
```{r}
library(e1071)
# Single SVM on the three coded predictors, scored by RMSE on the hold-out
# rows.
svm_fit <- svm(
  Votes_r ~ Description_r + Status_r + References_r,
  data = training
)
svm_predictions <- predict(svm_fit, newdata = testing)
squared_residuals <- (testing$Votes_r - svm_predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error
```
 Bagging SVM technique
```{r}
# Bagged SVM: fit `iterations` SVMs, each on a random sixth of the training
# rows, and average their hold-out predictions.
length_divisor <- 6
iterations <- 5000
predictions <- foreach(m = seq_len(iterations), .combine = cbind) %do% {
  # Rows are drawn without replacement and taken in ascending row order.
  bag_rows <- sort(
    sample(nrow(training), size = floor((nrow(training) / length_divisor)))
  )
  svm_fit <- svm(
    Votes_r ~ Description_r + Status_r + References_r,
    data = training[bag_rows, ]
  )
  predict(svm_fit, newdata = testing)
}
svm2_predictions <- rowMeans(predictions)
squared_residuals <- (testing$Votes_r - svm2_predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error

```


```{r}
# Equal-weight blend of the single SVM and the random forest, scored by RMSE
# on the hold-out rows.
blend_total <- svm_predictions + rf_predictions
predictions <- blend_total / 2
squared_residuals <- (testing$Votes_r - predictions)^2
error <- sqrt((sum(squared_residuals)) / nrow(testing))
error
```


2. 

Defining the training controls for multiple models
```{r}

library("caret")

# Names of the predictor columns and of the outcome column.
outcomeName <- "Votes_r"
predictors <- c("Status_r", "References_r")

# Shared resampling settings: 3-fold cross-validation, keeping the hold-out
# predictions of the final model.
# NOTE(review): classProbs is a classification setting, while Votes_r is
# stored as integer codes - confirm the outcome type the models should see.
fitControl <- trainControl(
  method = "cv",
  number = 3,
  savePredictions = "final",
  classProbs = TRUE
)

```


```{r}
# Split the data 75% / 25% with createDataPartition(), which samples on the
# outcome column. No seed is set here, so the split varies between runs.
index <- createDataPartition(data$Votes_r, p = 0.75, list = FALSE)
testSet <- data[-index, ]
trainSet <- data[index, ]
head(trainSet)
```



train with random Forest
```{r}

# Train a random forest through caret with the shared resampling settings.
model_rf <- train(
  trainSet[, predictors],
  trainSet[, outcomeName],
  method = "rf",
  trControl = fitControl,
  tuneLength = 3
)

# Score the hold-out rows.
testSet$pred_rf <- predict(object = model_rf, testSet[, predictors])

#testSet$pred_rf
# Compare the level sets of the predictions and the true values.
identical(levels(testSet$pred_rf), levels(testSet$Votes_r))

#confusionMatrix(testSet$Votes_r, testSet$pred_rf)
# Both vectors are turned into factors over the same integer range so that
# confusionMatrix() accepts them.
# NOTE(review): factor() maps any value outside `vote_levels` to NA, so
# non-integer predictions would drop out of the table - verify.
vote_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
confusionMatrix(
  factor(testSet$pred_rf, levels = vote_levels),
  factor(testSet$Votes_r, levels = vote_levels)
)


```


```{r}
# Inspect the true and predicted values as factors, then cross-tabulate them
# over the same integer range (rows: predictions, columns: true values).
str(as.factor(testSet$Votes_r))
str(as.factor(testSet$pred_rf))
vote_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
table(
  factor(testSet$pred_rf, levels = vote_levels),
  factor(testSet$Votes_r, levels = vote_levels)
)
```

using knn
```{r}
# Fit a k-nearest-neighbours model through caret with the shared settings.
model_knn <- train(
  x = trainSet[, predictors],
  y = trainSet[, outcomeName],
  method = "knn",
  trControl = fitControl,
  tuneLength = 3
)

# Score the held-out rows with the kNN model.
testSet$pred_knn <- predict(model_knn, newdata = testSet[, predictors])

# Confusion matrix for the kNN predictions, with both sides coerced to factors
# over the same integer range; values outside that level set become NA.
local({
  vote_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
  confusionMatrix(
    data = factor(testSet$pred_knn, levels = vote_levels),
    reference = factor(testSet$Votes_r, levels = vote_levels)
  )
})
```

```{r}
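# Fit a GLM through caret on the same predictors and resampling settings.
model_lr <- train(
  x = trainSet[, predictors],
  y = trainSet[, outcomeName],
  method = "glm",
  trControl = fitControl,
  tuneLength = 3
)

# Score the held-out rows with the GLM.
testSet$pred_lr <- predict(model_lr, newdata = testSet[, predictors])

# Confusion matrix for the GLM, in the same form as the random-forest and kNN
# chunks: predictions first, observed values second, both as factors over one
# shared level set (confusionMatrix needs factors with matching levels).
# NOTE(review): any prediction that is not exactly one of these integer levels
# becomes NA here -- confirm whether the predictions should be rounded first.
local({
  vote_levels <- min(testSet$Votes_r):max(testSet$Votes_r)
  confusionMatrix(
    data = factor(testSet$pred_lr, levels = vote_levels),
    reference = factor(testSet$Votes_r, levels = vote_levels)
  )
})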

```


Averaging and predicting probabilities
```{r}
# Ask each fitted model for class probabilities on the held-out rows.
# NOTE(review): type = "prob" needs classification models, and the code below
# reads a probability column named "Y"; no such class is visible for Votes_r
# in this notebook -- confirm before relying on these columns.
testSet$pred_rf_prob <- predict(
  model_rf, newdata = testSet[, predictors], type = "prob"
)
testSet$pred_knn_prob <- predict(
  model_knn, newdata = testSet[, predictors], type = "prob"
)
testSet$pred_lr_prob <- predict(
  model_lr, newdata = testSet[, predictors], type = "prob"
)

# Unweighted mean of the three "Y" probabilities, cut into classes at 0.5.
testSet$pred_avg <- local({
  mean_prob <- (testSet$pred_rf_prob$Y +
    testSet$pred_knn_prob$Y +
    testSet$pred_lr_prob$Y) / 3
  as.factor(ifelse(mean_prob > 0.5, "Y", "N"))
})
```

Weighted averaging
```{r}
# Weighted mean of the three "Y" probabilities (rf 0.25, knn 0.25, glm 0.5),
# cut into classes at 0.5.
# NOTE(review): the weights are fixed constants in this chunk; nothing visible
# here derives them from validation performance.
testSet$pred_weighted_avg <- local({
  weighted_prob <- (testSet$pred_rf_prob$Y * 0.25) +
    (testSet$pred_knn_prob$Y * 0.25) +
    (testSet$pred_lr_prob$Y * 0.5)
  as.factor(ifelse(weighted_prob > 0.5, "Y", "N"))
})

```


3. Ensemble machine learning with R

Installing the related packages.
```{r}
#install.packages("gbm")
library(mlbench)
library(caret)
library(caretEnsemble)

```

i). Boosting Algorithms
Building multiple models (typically of the same type) each of which learns to fix the prediction errors of a prior model in the chain. 

a) C5.0

```{r}
# Repeated 3-fold cross-validation (3 repeats), scored on accuracy.
control <- trainControl(method = "repeatedcv", number = 3, repeats = 3)
seed <- 7
metric <- "Accuracy"

# C5.0 boosted trees on the raw factor columns.
# NOTE(review): the str(data) output at the top of the notebook shows
# Description with 991 levels over 997 rows, so it is close to a row
# identifier -- confirm that it is meant to be a predictor.
set.seed(seed)
fit.c50 <- train(
  Votes ~ Description + Phase,
  data = data,
  method = "C5.0",
  metric = metric,
  trControl = control
)
```



b) Stochastic Gradient Boosting
```{r}
# Stochastic gradient boosting on the integer-coded columns, reusing `seed`,
# `metric` and `control` from the C5.0 chunk.
set.seed(seed)
fit.gbm <- train(
  Votes ~ Description_r + Phase_r,
  data = data,
  method = "gbm",
  metric = metric,
  trControl = control,
  verbose = FALSE
)
```

summary of both boosting methods


```{r}
# Collect the resampling results of both boosted models, then summarise and
# plot them side by side.
# NOTE(review): fit.c50 is trained on the factor columns and fit.gbm on their
# integer codes, so the two models do not see the same feature encoding.
boosting_results <- resamples(
  list(
    c5.0 = fit.c50,
    gbm = fit.gbm
  )
)
summary(boosting_results)
dotplot(boosting_results)
```
ii). Bagging Algorithms
Let’s look at two of the most popular bagging machine learning algorithms:

a) Bagged CART
b) Random Forest
Below is an example of the Bagged CART and Random Forest algorithms in R. Both algorithms include parameters that are not tuned in this example.


```{r}
# Repeated 10-fold cross-validation (3 repeats), scored on accuracy.
control <- trainControl(method = "repeatedcv", number = 10, repeats = 3)
seed <- 7
metric <- "Accuracy"

# Bagged CART.
set.seed(seed)
fit.treebag <- train(
  Votes ~ Description + Status,
  data = data,
  method = "treebag",
  metric = metric,
  trControl = control
)

# Random forest, seeded identically so both models use the same resamples.
set.seed(seed)
fit.rf <- train(
  Votes ~ Description + Status,
  data = data,
  method = "rf",
  metric = metric,
  trControl = control
)

# Summarise and plot the resampling results of the two bagging models.
bagging_results <- resamples(
  list(
    treebag = fit.treebag,
    rf = fit.rf
  )
)
summary(bagging_results)
dotplot(bagging_results)
```

3. Stacking Algorithm

You can combine the predictions of multiple caret models using the caretEnsemble package.

Given a list of caret models, the caretStack() function can be used to specify a higher-order model to learn how to best combine the predictions of sub-models together.

Let’s first look at creating 5 sub-models for the ionosphere dataset, specifically:

Linear Discriminant Analysis (LDA)
Classification and Regression Trees (CART)
Logistic Regression (via Generalized Linear Model or GLM)
k-Nearest Neighbors (kNN)
Support Vector Machine with a Radial Basis Kernel Function (SVM)
Below is an example that creates these 5 sub-models. Note the new helpful caretList() function provided by the caretEnsemble package for creating a list of standard caret models
```{r}


# Stacking example, step 1: train the sub-models.
# Repeated 10-fold CV that keeps hold-out predictions and class probabilities,
# which the stacking step needs as its inputs.
# NOTE(review): with classProbs = TRUE caret expects class levels that are
# valid R names; the str(data) output at the top of the notebook shows Votes
# levels that are empty or contain spaces -- confirm this runs as intended.
control <- trainControl(
  method = "repeatedcv",
  number = 10,
  repeats = 3,
  savePredictions = TRUE,
  classProbs = TRUE
)
algorithmList <- c("lda", "rpart", "glm", "knn", "svmRadial")

# `seed` is the value assigned in an earlier chunk.
set.seed(seed)
models <- caretList(
  Votes ~ Description + Status,
  data = data,
  trControl = control,
  methodList = algorithmList
)

# Resampling performance of every sub-model.
results <- resamples(models)
summary(results)
```

correlation between models

```{r}
# Correlation of the sub-models' resampling results, as a matrix and as a
# scatter-plot matrix. Highly correlated sub-models add little to a stack.
modelCor(x = results)
splom(results)
```
We use the list of models built in the stacking step above and combine the classifiers' predictions with a generalized linear model.

```{r}
# Resampling settings for the meta-model that sits on top of the sub-models.
stackControl <- trainControl(
  method = "repeatedcv",
  number = 10,
  repeats = 3,
  savePredictions = TRUE,
  classProbs = TRUE
)

# Stack the sub-models in `models` with a GLM as the combiner.
set.seed(seed)
stack.glm <- caretStack(
  models,
  method = "glm",
  metric = "Accuracy",
  trControl = stackControl
)
print(stack.glm)
```
Repeat the code above, this time using a random forest as the classifier that combines the predictions.
```{r}

# Stack the same sub-models with a random forest as the combiner, reusing
# `seed` and `stackControl` from the earlier chunks.
set.seed(seed)
stack.rf <- caretStack(
  models,
  method = "rf",
  metric = "Accuracy",
  trControl = stackControl
)
print(stack.rf)


```


4. installing the relevant libraries

```{r}
library(tidyverse) # for tidy data analysis
library(readr)     # for fast reading of input files
library(mice) 
```

identifying pattern in the dataset
```{r}

# Tabulate the missing-data patterns of `data` without drawing the plot.
md.pattern(x = data, plot = FALSE)
```

Data exploration with this dataset

1. Response variable for classification
```{r}
# Bar chart of how many rows fall into each Status value.
ggplot(data = data, mapping = aes(x = Status, fill = Status)) +
  geom_bar()
```

2. Response variable for regression

```{r}
# Histogram of the integer-coded votes, in 10 bins.
ggplot(data = data, mapping = aes(x = Votes_r)) +
  geom_histogram(bins = 10)
```
Features


```{r}
# Reshape the columns Status through Votes to long form (x = column name,
# y = value) and draw one density panel per original column.
# NOTE(review): the colour/fill mapping reads data$Phase from the wide frame,
# whose length differs from the gathered frame -- confirm this is intended.
ggplot(
  gather(data, x, y, Status:Votes),
  aes(x = y, color = as.factor(data$Phase), fill = as.factor(data$Phase))
) +
  geom_density(alpha = 0.3) +
  facet_wrap(~ x, scales = "free", ncol = 3)
```

Machine learning packages for r

Caret
```{r}
#install.packages("doParallel")
library(doParallel)
# Start one worker per detected core and register the cluster as the
# foreach backend.
# NOTE(review): no stopCluster(cl) appears in the visible part of the
# notebook; the workers stay alive until the session ends unless it is called.
cl <- makeCluster(spec = detectCores())
registerDoParallel(cl = cl)

library(caret)
```

Training, validation and test data

```{r}
# Reproducible 70/30 split stratified on Votes.
set.seed(42)
index <- createDataPartition(y = data$Votes, p = 0.7, list = FALSE)

# Rows picked by the partition form the training set, the rest the test set.
train_data <- data[index, ]
test_data <- data[-index, ]
print(train_data)
```

```{r}

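# Stack the training and test rows with a `group` label, reshape the columns
# between Votes and Status to long form, and overlay the two groups' densities
# per column to check that the split left both sets similarly distributed.
# The column range is given by bare column names: the earlier selection used
# `train_data$Votes:train_dataStatus`, whose second name is not defined.
bind_rows(
  data.frame(group = "train", train_data),
  data.frame(group = "test", test_data)
) %>%
  gather(x, y, Votes:Status) %>%
  ggplot(aes(x = y, color = group, fill = group)) +
  geom_density(alpha = 0.3) +
  facet_wrap(~ x, scales = "free", ncol = 3)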

```

Regression
```{r}
# GLM fitted through caret on the training split, with predictors centred and
# scaled, evaluated by 4-fold cross-validation repeated 10 times.
# NOTE(review): Status is listed twice in the formula; a repeated term adds
# nothing to the model.
set.seed(42)
model_glm <- caret::train(
  Votes ~ Status+ Description+Status,
  data = train_data,
  method = "glm",
  preProcess = c("scale", "center"),
  trControl = trainControl(
    method = "repeatedcv",
    number = 4,
    repeats = 10,
    savePredictions = TRUE,
    verboseIter = FALSE
  )
)

print(model_glm)
```
predicting the model

```{r}
# Score the test split with the fitted GLM.
predictions <- predict(model_glm, newdata = test_data)

```

Classification

```{r}
library(rpart)
library(rpart.plot)

# Classification tree on the training split. cp = 0 and minbucket = 2 let the
# tree grow almost without pruning; splits use the information criterion and
# rpart runs 10 internal cross-validations (xval).
# NOTE(review): Status is listed twice in the formula; a repeated term adds
# nothing to the model.
set.seed(42)
fit <- rpart(
  Votes ~ Status+ Description+Status,
  data = train_data,
  method = "class",
  control = rpart.control(
    xval = 10,
    minbucket = 2,
    cp = 0
  ),
  parms = list(split = "information")
)

# Draw the fitted tree.
rpart.plot(fit, extra = 100)

```

Random forest

```{r}

```



5. 
```{r}
#install.packages("kernlab")
#install.packages("caret")
#install.packages("tm")
#install.packages("dplyr")
#install.packages("splitstackshape")
#install.packages("e1071")

library("kernlab") 
library("caret") 
library("tm") 
library("dplyr") 
library("splitstackshape")
library("e1071")
```

Create a new data frame and split it to get the training and test data, which can then be used as a VCorpus. To import a data frame with the DataframeSource function, the data must be formatted so that the first column is named doc_id and the second column is named text. In this case we subset only two columns from `data`.
```{r}
# Two-column frame in the layout DataframeSource reads: the CVE name as
# doc_id and the free-text Comments field as the document text.
# NOTE(review): the str(data) output at the top of the notebook shows Name
# values that are empty or fragments of the file's preamble; those rows become
# documents as well -- confirm they should be dropped first.
df <- select(data, doc_id = Name, text = Comments)
head(df)
```

```{r}

```



```{r}

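# 70/30 split of the document frame, stratified on the text column.
# The RNG is seeded so the same documents land in each part on every run, as
# in the seeded split of `data` earlier in this notebook.
# This overwrites the train_data / test_data objects created there.
set.seed(42)
index <- createDataPartition(df$text, p = 0.7, list = FALSE)
train_data <- df[index, ]
test_data <- df[-index, ]
train_data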
```

1. Ingest the training data and clean it.
```{r}

# Build a corpus from the training documents and run the cleaning steps in
# order: collapse whitespace, lower-case, drop digits, drop punctuation.
train <- Reduce(
  function(corpus, clean_step) tm_map(corpus, content_transformer(clean_step)),
  list(stripWhitespace, tolower, removeNumbers, removePunctuation),
  VCorpus(
    DataframeSource(train_data),
    readerControl = list(language = "English")
  )
)
```
2. Create a document-term matrix for the training data.

```{r}
# Dense document-term matrix of the training corpus. wordLengths = c(1, Inf)
# keeps terms of every length, including single characters.
train.dtm <- as.matrix(
  DocumentTermMatrix(train, control = list(wordLengths = c(1, Inf)))
)

```

Repeat steps 1 and 2 on the test data.

```{r}
# Build the test corpus and clean it with the same steps, in the same order,
# as the training corpus.
test <- Reduce(
  function(corpus, clean_step) tm_map(corpus, content_transformer(clean_step)),
  list(stripWhitespace, tolower, removeNumbers, removePunctuation),
  VCorpus(
    DataframeSource(test_data),
    readerControl = list(language = "English")
  )
)

# Dense document-term matrix of the test corpus, keeping terms of any length.
test.dtm <- as.matrix(
  DocumentTermMatrix(test, control = list(wordLengths = c(1, Inf)))
)
```

Converting into data frames
```{r}
# Keep only the terms that occur in both matrices, so the training and test
# frames share one feature set. data.frame() may rewrite term names that are
# not syntactic R names (check.names defaults to TRUE).
train.df <- data.frame(
  train.dtm[, intersect(colnames(train.dtm), colnames(test.dtm))]
)
test.df <- data.frame(
  test.dtm[, intersect(colnames(test.dtm), colnames(train.dtm))]
)
head(train.df)

```

```{r}
# Derive the training label from the row names: split each name on "_" and
# use the first piece as the class.
# NOTE(review): the row names are presumably the doc_id values (CVE names);
# if they contain no "_", every document ends up with its own class -- verify.
label.df <- data.frame(filenames = row.names(train.df))
label.df <- cSplit(label.df, "filenames", sep = "_", type.convert = FALSE)
train.df$corpus <- label.df$filenames_1

# The test rows get a constant placeholder label.
test.df$corpus <- "Neg"
head(test.df)
```


```{r}
# Fit an RBF-kernel SVM on the training frame and score it on that same frame.
# NOTE(review): df.test is assigned train.df here, so this confusion matrix
# describes fit on the training documents, not performance on unseen ones.
df.train <- train.df
df.test <- train.df
df.model <- ksvm(corpus ~ ., data = df.train, kernel = "rbfdot")
df.pred <- predict(df.model, df.test)
con.matrix <- confusionMatrix(data = df.pred, reference = df.test$corpus)
print(con.matrix)


```

```{r}
# Score the held-out documents with the fitted SVM and list one prediction per
# document, keyed by the test frame's row names.
df.test <- test.df
df.pred <- predict(df.model, df.test)
results <- as.data.frame(df.pred)
row.names(results) <- row.names(test.df)
print(results)
```

